www.commvault.com Open in urlscan Pro
2a04:fa87:fffd::c000:42d0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Effective URL:
https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&m...
Submission: On July 29 via api (July 29th 2021, 9:01:30 pm UTC) from US

Summary HTTP 278 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 63 IPs in 7 countries across 69 domains to perform 278 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:42d0, located in Ireland and belongs to AUTOMATTIC, US. The main domain is www.commvault.com.
TLS certificate: Issued by R3 on July 3rd 2021. Valid for: 3 months.

This is the only time www.commvault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.15.215.8 199.15.215.8	15224 (OMNITURE) (OMNITURE)
23	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
5	46.137.132.32 46.137.132.32	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2600:9000:219... 2600:9000:2190:5400:1e:d8cf:91c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	18.168.223.221 18.168.223.221	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	70.42.76.111 70.42.76.111	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	13.224.89.225 13.224.89.225	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.96 13.224.96.96	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
62	13.224.96.5 13.224.96.5	16509 (AMAZON-02) (AMAZON-02)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
4	54.165.186.74 54.165.186.74	14618 (AMAZON-AES) (AMAZON-AES)
1 3	54.229.143.145 54.229.143.145	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.131 151.101.13.131	54113 (FASTLY) (FASTLY)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1 2	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	13.224.96.94 13.224.96.94	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.193.116 13.224.193.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
21	13.224.96.79 13.224.96.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.96.71 13.224.96.71	16509 (AMAZON-02) (AMAZON-02)
4	3.223.164.212 3.223.164.212	14618 (AMAZON-AES) (AMAZON-AES)
1	34.222.194.4 34.222.194.4	16509 (AMAZON-02) (AMAZON-02)
1	34.198.176.1 34.198.176.1	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
17	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
5 9	52.3.52.82 52.3.52.82	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
29	13.224.96.102 13.224.96.102	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	209.234.224.22 209.234.224.22	395162 (MOD-PTC) (MOD-PTC)
1 1	52.208.178.181 52.208.178.181	16509 (AMAZON-02) (AMAZON-02)
1 1	18.214.90.16 18.214.90.16	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.220.197.152 54.220.197.152	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.96.9 13.224.96.9	16509 (AMAZON-02) (AMAZON-02)
1 1	192.139.80.44 192.139.80.44	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	66.81.204.42 66.81.204.42	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1	74.121.140.207 74.121.140.207	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	54.173.185.122 54.173.185.122	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.36.113.45 104.36.113.45	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.113.59 35.201.113.59	15169 (GOOGLE) (GOOGLE)
1 1	3.123.143.157 3.123.143.157	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.193.30 13.224.193.30	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	34.209.134.165 34.209.134.165	16509 (AMAZON-02) (AMAZON-02)
1 1	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.72.74.246 52.72.74.246	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.127.206.102 199.127.206.102	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.48.207.187 52.48.207.187	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.101 13.224.193.101	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:21f... 2600:9000:21f3:9c00:10:8317:ee40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:24:... 2a05:d018:24:b002:2591:850:d183:b9b4	16509 (AMAZON-02) (AMAZON-02)
2	54.172.114.57 54.172.114.57	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
278	63

1 199.15.215.8 (United States)

ASN15224 (OMNITURE, US)

app.discover.commvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.commvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.137.132.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com

tribl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5400:1e:d8cf:91c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pixel.mintigo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.223.221 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-223-221.eu-west-2.compute.amazonaws.com

marketo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.73.206 (United States)

ASN13335 (CLOUDFLARENET, US)

discover.commvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

10302056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.76.111 (United States)

ASN13789 (INTERNAP-BLK3, US)

tracker.mrpfd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.89.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-225.zrh50.r.cloudfront.net

d26x5ounzdjojj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-96.zrh50.r.cloudfront.net

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 13.224.96.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-5.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.165.186.74 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-186-74.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.143.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bddbeb1bec394be790c50af5e47b2319.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.238.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.96.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-94.zrh50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.224.96.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-79.zrh50.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-71.zrh50.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.223.164.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-164-212.compute-1.amazonaws.com

com-thebigwillow-prod1.collector.snplow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.222.194.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-222-194-4.us-west-2.compute.amazonaws.com

tracking.intentsify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.176.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-176-1.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.3.52.82 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-52-82.compute-1.amazonaws.com

ad.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 13.224.96.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-102.zrh50.r.cloudfront.net

preferences-mgr.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.234.224.22 (United States) 1 redirects

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.178.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.90.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-90-16.compute-1.amazonaws.com

my.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.197.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-197-152.eu-west-1.compute.amazonaws.com

optout.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.9 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-9.zrh50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.139.80.44 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.81.204.42 (Virgin Islands (British)) 1 redirects

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

oba.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.207 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)

www.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.185.122 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-185-122.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.45 (United States)

ASN62713 (AS-PUBMATIC, US)

apps.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.113.59 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 59.113.201.35.bc.googleusercontent.com

optout.mediaforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optout.nxtck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.143.157 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-30.fra2.r.cloudfront.net

nai.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.134.165 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-134-165.us-west-2.compute.amazonaws.com

optout.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

privacy.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.74.246 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-74-246.compute-1.amazonaws.com

optout.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.206.102 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

optout-service.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.207.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-207-187.eu-west-1.compute.amazonaws.com

optout.bigsea.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-101.fra2.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

cdn.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:9c00:10:8317:ee40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ingest.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.114.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-57.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	828 KB
30	truste.com consent.truste.com preferences-mgr.truste.com	27 KB
30	commvault.com app.discover.commvault.com www.commvault.com commvault.com discover.commvault.com	895 KB
28	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	323 KB
19	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	8 KB
12	amgdgt.com 5 redirects ad.amgdgt.com cdn.amgdgt.com	124 KB
11	bizible.com cdn.bizible.com	33 KB
8	doubleclick.net 2 redirects 10302056.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	94 KB
6	google.com 1 redirects adservice.google.com www.google.com adssettings.google.com	2 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	gstatic.com fonts.gstatic.com	97 KB
5	google.de 1 redirects www.google.de adservice.google.de adssettings.google.de	1 KB
5	tribl.io tribl.io	15 KB
4	snplow.net com-thebigwillow-prod1.collector.snplow.net	658 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	stackadapt.com tags.srv.stackadapt.com	7 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io optout.prod.bidr.io	1 KB
3	ml314.com 1 redirects ml314.com	14 KB
2	lijit.com 2 redirects ap.lijit.com	663 B
2	pubmatic.com apps.pubmatic.com cdn.pubmatic.com	5 KB
2	mathtag.com 1 redirects www.mathtag.com pixel.mathtag.com	1 KB
2	turn.com 2 redirects r.turn.com	599 B
2	sentry.io sentry.io	613 B
2	nr-data.net bam.nr-data.net	458 B
2	ubembed.com bddbeb1bec394be790c50af5e47b2319.js.ubembed.com assets.ubembed.com	48 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	cloudfront.net d26x5ounzdjojj.cloudfront.net	110 KB
2	mrpfd.com tracker.mrpfd.com	2 KB
2	marketo.net munchkin.marketo.net	6 KB
2	googletagmanager.com www.googletagmanager.com	109 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	imgix.net driftt.imgix.net	18 KB
1	tidaltv.com 1 redirects ingest.tidaltv.com	228 B
1	driftcdn.com embeds.driftcdn.com	20 KB
1	weborama.com 1 redirects optout.bigsea.weborama.com	204 B
1	unrulymedia.com 1 redirects optout-service.unrulymedia.com	99 B
1	thrtle.com 1 redirects optout.thrtle.com	186 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	437 B
1	tapad.com 1 redirects privacy.tapad.com	105 B
1	steelhousemedia.com 1 redirects optout.steelhousemedia.com	371 B
1	sharethis.com 1 redirects nai.sharethis.com	314 B
1	w55c.net 1 redirects i.w55c.net	558 B
1	nxtck.com 1 redirects optout.nxtck.com	185 B
1	mediaforge.com 1 redirects optout.mediaforge.com	184 B
1	quantserve.com 1 redirects pixel.quantserve.com	222 B
1	contextweb.com 1 redirects bh.contextweb.com	288 B
1	owneriq.net 1 redirects px.owneriq.net	475 B
1	openx.net 1 redirects u.openx.net	86 B
1	postrelease.com 1 redirects jadserve.postrelease.com	395 B
1	media.net 1 redirects oba.media.net	464 B
1	casalemedia.com 1 redirects casalemedia.com	92 B
1	company-target.com 1 redirects segments.company-target.com	402 B
1	ipredictive.com 1 redirects my.ipredictive.com	123 B
1	thebrighttag.com 1 redirects s.thebrighttag.com	390 B
1	wsod.com 1 redirects ad.wsod.com	383 B
1	twitter.com analytics.twitter.com	279 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	intentsify.io tracking.intentsify.io	662 B
1	google.pl www.google.pl	108 B
1	t.co t.co
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	bizibly.com cdn.bizibly.com	190 B
1	clearbit.com marketo.clearbit.com	28 KB
1	mintigo.com pixel.mintigo.com	414 B
278	69

	Domain	Requested by
62	js.driftt.com	app.discover.commvault.com js.driftt.com
29	preferences-mgr.truste.com	app.discover.commvault.com www.mathtag.com cdn.pubmatic.com ad.amgdgt.com
21	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com www.commvault.com prefmgr-cookie.truste-svc.net app.discover.commvault.com
16	www.commvault.com	app.discover.commvault.com www.commvault.com
11	cdn.bizible.com	www.commvault.com cdn.bizible.com
9	ad.amgdgt.com	5 redirects app.discover.commvault.com ad.amgdgt.com
8	dev.visualwebsiteoptimizer.com	www.commvault.com dev.visualwebsiteoptimizer.com cdn.bizible.com
7	commvault.com	www.commvault.com
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	consent.trustarc.com	consent.truste.com www.commvault.com consent-pref.trustarc.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.bizible.com www.commvault.com
6	discover.commvault.com	www.commvault.com discover.commvault.com
6	fonts.gstatic.com	fonts.googleapis.com
5	tribl.io	www.commvault.com tribl.io app.discover.commvault.com
4	com-thebigwillow-prod1.collector.snplow.net	cdn.bizible.com
4	www.google.com	www.commvault.com
4	tags.srv.stackadapt.com	app.discover.commvault.com tags.srv.stackadapt.com cdn.bizible.com
4	fonts.googleapis.com	www.commvault.com js.driftt.com
3	cdn.amgdgt.com	ad.amgdgt.com
3	bootstrap.api.drift.com	js.driftt.com
3	www.google.de	www.commvault.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	ml314.com	1 redirects app.discover.commvault.com ml314.com
3	10302056.fls.doubleclick.net	1 redirects www.googletagmanager.com www.commvault.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	ap.lijit.com	2 redirects
2	r.turn.com	2 redirects
2	sentry.io	js.driftt.com
2	bam.nr-data.net	js-agent.newrelic.com cdn.bizible.com
2	stats.g.doubleclick.net	cdn.bizible.com
2	match.prod.bidr.io	1 redirects www.commvault.com
2	px.ads.linkedin.com	2 redirects
2	d26x5ounzdjojj.cloudfront.net	app.discover.commvault.com d26x5ounzdjojj.cloudfront.net
2	tracker.mrpfd.com	app.discover.commvault.com cdn.bizible.com
2	munchkin.marketo.net	app.discover.commvault.com munchkin.marketo.net
2	www.googletagmanager.com	www.commvault.com www.googletagmanager.com
1	driftt.imgix.net	js.driftt.com
1	ingest.tidaltv.com	1 redirects
1	cdn.pubmatic.com	apps.pubmatic.com
1	pixel.mathtag.com	1 redirects
1	embeds.driftcdn.com	js.driftt.com
1	optout.bigsea.weborama.com	1 redirects
1	optout-service.unrulymedia.com	1 redirects
1	optout.thrtle.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	privacy.tapad.com	1 redirects
1	optout.steelhousemedia.com	1 redirects
1	nai.sharethis.com	1 redirects
1	i.w55c.net	1 redirects
1	optout.nxtck.com	1 redirects
1	optout.mediaforge.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	bh.contextweb.com	1 redirects
1	apps.pubmatic.com	app.discover.commvault.com
1	px.owneriq.net	1 redirects
1	u.openx.net	1 redirects
1	jadserve.postrelease.com	1 redirects
1	www.mathtag.com	app.discover.commvault.com
1	oba.media.net	1 redirects
1	casalemedia.com	1 redirects
1	segments.company-target.com	1 redirects
1	optout.prod.bidr.io	1 redirects
1	my.ipredictive.com	1 redirects
1	s.thebrighttag.com	1 redirects
1	ad.wsod.com	1 redirects
1	adssettings.google.de	1 redirects
1	adssettings.google.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	js-agent.newrelic.com	www.commvault.com
1	prefmgr-cookie.truste-svc.net	app.discover.commvault.com
1	tracking.intentsify.io	app.discover.commvault.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	adservice.google.de	adservice.google.com
1	www.google.pl	www.commvault.com
1	assets.ubembed.com	bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
1	adservice.google.com	10302056.fls.doubleclick.net
1	t.co	www.commvault.com
1	apt.techtarget.com	www.commvault.com
1	px4.ads.linkedin.com	www.commvault.com
1	www.linkedin.com	1 redirects
1	bddbeb1bec394be790c50af5e47b2319.js.ubembed.com	www.googletagmanager.com
1	trk.techtarget.com	app.discover.commvault.com
1	static.ads-twitter.com	app.discover.commvault.com
1	consent.truste.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.bizibly.com	www.commvault.com
1	pixel.wp.com	www.commvault.com
1	marketo.clearbit.com	www.commvault.com
1	stats.wp.com	www.commvault.com
1	pixel.mintigo.com	www.commvault.com
1	app.discover.commvault.com
278	94

This site contains links to these domains. Also see Links.

Domain
ma.commvault.com
community.commvault.com
kb.commvault.com
documentation.commvault.com
partners.commvault.com
bit.ly
careers.commvault.com
ir.commvault.com
metallic.io
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
commvault.com R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
tribl.io R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.mintigo.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
clearbit.com Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
discover.commvault.com Cloudflare Inc ECC CA-3	`2021-05-24` - `2022-05-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.mrpfd.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2022-04-19`	2 years	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
com-thebigwillow-prod1.collector.snplow.net Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
tracking.intentsify.io R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.amgdgt.com Amazon	`2020-11-22` - `2021-12-21`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Frame ID: 17B6DE194CDA72A8178A9A90F24CEA2F
Requests: 117 HTTP requests in this frame

Frame: https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Frame ID: 93BE2062BB0058AA57A167998948CBD2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Frame ID: F639DED5A6FC8FDC81F0A750B03E8773
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 56A9CF21F4E2550F4063AB47BB1A1AF9
Requests: 23 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Frame ID: B34A519CB8E949CE82A8530ECBA66CBE
Requests: 1 HTTP requests in this frame

Frame: https://discover.commvault.com/index.php/form/XDFrame
Frame ID: 615E98295CF3B429438AA99CA61ABD30
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Frame ID: E99235166C66BF8C9E914C7070DE78FF
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Frame ID: DE5C5E49F1E4AB10E7AD380B1F49A679
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
Frame ID: F4C44D099959B607F3F719C0AAC73D0B
Requests: 43 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
Frame ID: 536686832AD2FD75F0596D3CCDF05AA1
Requests: 37 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 237263E997CB26E14A51711C764A009D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/636/2/80458252014835411889/
Frame ID: E93A178644F639749FAA754100F591F7
Requests: 8 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/713/1-2/
Frame ID: 2C1DC2D9C389449834F21C28D0E1F5DE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/
Frame ID: 2A87D50F720E48FBCF64F11B62747028
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Frame ID: 00BADE0C0EFE5E53A9A0C529999F3E63
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/519/1/0
Frame ID: DF678D9229C9F6A05D6786E0BE37CB52
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: 11B9F84EB51D5F0A4E31B709175C5902
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/574/2/0b9490d1f38e
Frame ID: 47BD518FF1FF0E973A56A61DC75860D4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Frame ID: ABC95EA4564EE3F69A0C3DF55FECB8CB
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/762/1-0/
Frame ID: 0B50F214D306E543845490A1C6173908
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ
Frame ID: 1417244FE93ADD19D7EEF73D0C888FF3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/
Frame ID: DB7ABB73174D033FD948A07E1CEF8A18
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/
Frame ID: C6B806C6B318D3CB9A6CF4B9E3AB843C
Requests: 2 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/755/3/
Frame ID: 6980A11B644A874757E4E926DF343022
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/765/1/1627592475/
Frame ID: 59261349947934AA07622A492E39DB60
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/591/1-1/no-token
Frame ID: CE4478E92E88F0267562BF2A2F05F8D1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/420/1/qnXXEVRbj460Zvp0ZKTUiuUSGsLHre8WuFEx/
Frame ID: 06E0FD35B38FFD6BA81B3E4D922BB59F
Requests: 3 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/422/1/EArUFSWRzVUq
Frame ID: 22FC01C3948ABEEEDEC9BBA699900AA5
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/
Frame ID: 6087B5290ED5EE64C3039F5FC6568CD7
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8
Frame ID: F663C21D3A491637B950F8741F4E5A0E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484
Frame ID: 075044145D1CFA3FBC58033CD954AC7D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/831/1-1/203103427
Frame ID: 448E7FEB773C6DED89C63F1AD8AF8B52
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/835/1/42/
Frame ID: 99884EEB880DAEA7E397BE384EF58354
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/742/1/
Frame ID: 181D7D4F3B07BEB5211B069A0024C488
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/
Frame ID: 86921179AFCB137D004F63738C655D4E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/
Frame ID: F0ECDACCC69B8C7A7D401011F9A11A56
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/366/1-0/jKfD4zdBdc
Frame ID: 5D47B828B64A4F0E72230167124E602A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/770/1-0/3cq9
Frame ID: 2FE0E9ABD7E467F5CC15F5E0F9F7EDA4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Frame ID: 1CE8BDFCE1E1CF8CF7A352A00AD0FE3E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/747/1-0/csrf
Frame ID: CD35B6D9C2F72D2DEC034BF43236CE22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nH... Page URL
https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=conn... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

Page Statistics

278
Requests

100 %
HTTPS

29 %
IPv6

69
Domains

94
Subdomains

63
IPs

7
Countries

2878 kB
Transfer

7117 kB
Size

28
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://ma.commvault.com/Account/Login
Title: Support

Search URL Search Domain Scan URL

URL: https://community.commvault.com/?utm_source=www.commvault.com&utm_medium=Menu%20Tracking&utm_campaign=Community%20Referral%20Menu%20Tracking
Title: Community

Search URL Search Domain Scan URL

URL: https://ma.commvault.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://kb.commvault.com/
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://documentation.commvault.com/commvault/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://partners.commvault.com/PRM_PartnerHome?inst=1W
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://partners.commvault.com/PRM_Register
Title: Become a partner

Search URL Search Domain Scan URL

URL: https://bit.ly/3jfsbv8
Title: 2021 CSR Report

Search URL Search Domain Scan URL

URL: https://careers.commvault.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://ir.commvault.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://metallic.io/
Title: Metallic™ Backup-as-a-Service

Search URL Search Domain Scan URL

URL: https://ma.commvault.com/Account/Login?ReturnUrl=%2F
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Commvault/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/commvault
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/commvault
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/commvault
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/commvault/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI= Page URL
https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://10302056.fls.doubleclick.net/activityi;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit HTTP 302
https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8544%252C566553%26time%3D1627592473309%26url%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&liSync=true&e_ipv6=AQIDh7mv1PPTWwAAAXr0Ej0fMy_cHz6vqsYfEWNgrtXNE-NIZwtqoX75bvRl3bagvzFqpE0N

Request Chain 71

https://match.prod.bidr.io/cookie-sync/tbw HTTP 303
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

Request Chain 212

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201 HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201

Request Chain 213

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.9351448908073612 HTTP 302
https://preferences-mgr.truste.com/token/713/1-2/

Request Chain 214

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.25661617086233557 HTTP 302
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW&aboutads_sess=ACi0TCifN4kDU6v681VQlsYbUpTlPTD65Hte-4ziIHTXxcb9aoptmRzEVhXqTxYC-D9HAR743-PE&status=2 HTTP 302
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW&aboutads_sess=ACi0TCifN4kDU6v681VQlsYbUpTlPTD65Hte-4ziIHTXxcb9aoptmRzEVhXqTxYC-D9HAR743-PE&status=2&ipr=y HTTP 302
https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/

Request Chain 215

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.3127931350743276 HTTP 302
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

Request Chain 216

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6453374273086234 HTTP 307
https://preferences-mgr.truste.com/token/519/1/0

Request Chain 217

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.9472526346084758 HTTP 302
https://preferences-mgr.truste.com/token/642/1/adelphic

Request Chain 218

https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8559045253047648 HTTP 302
https://preferences-mgr.truste.com/token/574/2/0b9490d1f38e

Request Chain 219

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8272116159343907 HTTP 302
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

Request Chain 220

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.018352991163515187 HTTP 302
https://preferences-mgr.truste.com/token/762/1-0/

Request Chain 221

https://casalemedia.com/privacy/optout?action_id=3&participant_id=745&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9023505674976078 HTTP 302
https://preferences-mgr.truste.com/token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ

Request Chain 222

https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.34047993487089157 HTTP 302
https://preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/

Request Chain 224

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6263222309880192 HTTP 302
https://preferences-mgr.truste.com/token/755/3/

Request Chain 225

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.06829093920304041 HTTP 302
https://preferences-mgr.truste.com/token/765/1/1627592475/

Request Chain 226

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.8313142536144285 HTTP 302
https://preferences-mgr.truste.com/token/591/1-1/no-token

Request Chain 228

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.33741181282854926 HTTP 302
https://preferences-mgr.truste.com/token/422/1/EArUFSWRzVUq

Request Chain 229

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.18795234453155785 HTTP 302
https://preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/

Request Chain 230

https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4897444374563291 HTTP 302
https://preferences-mgr.truste.com/token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8

Request Chain 231

https://optout.nxtck.com/nai/nextperf/optout?action_id=3&participant_id=759&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3832174760044449 HTTP 302
https://preferences-mgr.truste.com/token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484

Request Chain 232

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.5473292560066407 HTTP 302
https://preferences-mgr.truste.com/token/831/1-1/203103427

Request Chain 233

https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.09505652930721231 HTTP 302
https://preferences-mgr.truste.com/token/835/1/42/

Request Chain 234

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.7480865920852773 HTTP 302
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com HTTP 302
https://preferences-mgr.truste.com/token/742/1/

Request Chain 235

https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.34269665946636674 HTTP 302
https://preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/

Request Chain 236

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.05070899648736171 HTTP 303
https://preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/

Request Chain 237

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.012564223476042136 HTTP 302
https://preferences-mgr.truste.com/token/366/1-0/jKfD4zdBdc

Request Chain 238

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.6082542634005796 HTTP 302
https://preferences-mgr.truste.com/token/770/1-0/3cq9

Request Chain 239

https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2173208813837748 HTTP 302
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/

Request Chain 240

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28682361798162304 HTTP 302
https://preferences-mgr.truste.com/token/747/1-0/csrf

Request Chain 242

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ftcge0faa9nekpa91vi47oqo071%2F HTTP 302
https://preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/

Request Chain 250

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-1014628979%26pf%3Damg%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-1014628979&pf=amg&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 251

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3152634554372587520%26pf%3Dturn%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3152634554372587520&pf=turn&st=t HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 252

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-4427505794866479104%26pf%3Dvid%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-4427505794866479104&pf=vid&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

278 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI= Show response
app.discover.commvault.com/ 565 B
868 B 388ms
361ms Document
text/html 199.15.215.8
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=

Protocol

HTTP/1.1

Server

199.15.215.8 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Apache /

Resource Hash

784b3e56f6d5e1714f8134d3c2fcbe70e2746b025c64a74a492edbde4ca2b7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: app.discover.commvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:12 GMT
Server: Apache
Cache-Control: private, no-cache, no-store, max-age=0
Connection: close
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html
Set-Cookie: BIGipServersj_mailtracking_http=!h2t11HkB1OlHqv67iv4ewrP5TPDRs/CPr/D1SPfIRm/20OPXzO3LX4WEip14vHgKGK3sF4Jm7PchoA8=; path=/; Httponly

GET
H2 200 Primary Request bundles Show response
www.commvault.com/ransomware/ 171 KB
39 KB 373ms
373ms Document
text/html 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Requested by

Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

22f64a803b2224e6e2d0cecdd0b215e90677133df95247b36e72bcfc7910a1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.commvault.com
:scheme: https
:path: /ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://app.discover.commvault.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://app.discover.commvault.com/

Response headers

server: nginx
date: Thu, 29 Jul 2021 21:01:12 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
x-frame-options: SAMEORIGIN
link: <https://www.commvault.com/wp-json/>; rel="https://api.w.org/" <https://www.commvault.com/wp-json/wp/v2/pages/40927>; rel="alternate"; type="application/json" <https://www.commvault.com/?p=40927>; rel=shortlink
content-encoding: gzip
x-rq: hhn2 0 2 9980
cache-control: max-age=300, must-revalidate
age: 0
x-cache: miss
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK h.js Show response
tribl.io/ 2 KB
1 KB 73ms
73ms Script
text/plain 46.137.132.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribl.io/h.js?orgId=qz4QkqkAAAuzYjDnMn2x
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7af50cf95aee25377e0d294dfd490228f7bfa3829a47298137dd3495811cb4c3

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:12 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
ContentType: text/javascript
P3P: CP="Triblio does not have a P3P policy."
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 833

GET
H2 200 tiny-slider.min.css
www.commvault.com/wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/ 2 KB
853 B 6ms
6ms Stylesheet
text/css 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/tiny-slider.min.css?m=1627411120g

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c7a320eaba23618a6c6a4dd8f2915868e429ecdea4fa58cbd4d7e7e4f1fb5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/tiny-slider.min.css?m=1627411120g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:40 GMT
server: nginx
age: 111653
etag: W/"610052b0-849"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 693
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 app.build.js Show response
www.commvault.com/wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/ 167 KB
35 KB 7ms
6ms Script
application/javascript 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/app.build.js?m=1627411120g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa48baa21fedd452bec0791a07799f1df9bf50b15fd1d4137d099f2194ec513f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/BRG-WordPress-Gutenberg-Slider/build/app.build.js?m=1627411120g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:40 GMT
server: nginx
age: 111653
etag: W/"610052b0-29c10"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 35533
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
525 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 20:55:15 GMT
server: ESF
date: Thu, 29 Jul 2021 21:01:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 21:01:12 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 55ms
54ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3F) /
Resource Hash: de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 22:19:03 GMT
server: ECS (lcy/1D3F)
age: 83567
etag: "1724d993477fd71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32240

GET
H2 200 mintigo_pixel.png
pixel.mintigo.com/ 68 B
414 B 13ms
11ms Image
image/png 2600:9000:2190:5400:1e:d8cf:91c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mintigo.com/mintigo_pixel.png?pixel_cid=d307c50538
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5400:1e:d8cf:91c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85394914807c18a79c9cd90140f3c494888d2cd9689d68835bdfe830545b2e36

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:40:02 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
etag: "fb204f945bb89bb73d3c1304701d7428"
last-modified: Mon, 19 Mar 2018 21:23:31 GMT
server: AmazonS3
age: 76918
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 68
x-amz-cf-id: mXjBqD59bDeLhdKJU6LSXiTYd83gSnZCU3jVIf10ZXqxy4wrxWECRA==

GET
H2 200 side-arrow.svg
commvault.com/wp-content/uploads/2021/07/ 2 KB
995 B 7ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/side-arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e35a14e5f53bac72c9f61d2dc74b2f7e2e84f2bc67ee4ab7bd3020d1440415f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 109 83 443
last-modified: Tue, 27 Jul 2021 17:40:34 GMT
server: nginx
etag: W/"ca9a394ab45f9989"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 chart-arrow-1.svg
commvault.com/wp-content/uploads/2021/07/ 2 KB
1 KB 7ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/chart-arrow-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

28e921bafa5c49687bc830cafd01213f5df3b010491c01c08c45805ab9b91976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 109 196 443
last-modified: Tue, 27 Jul 2021 17:57:35 GMT
server: nginx
etag: W/"d985572b08e53cbd"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 group-of-people.svg
commvault.com/wp-content/uploads/2021/07/ 3 KB
1 KB 7ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/group-of-people.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

990e7b339281a351d6313922516a2fd02adaa37d8cc42894cd68cd49a4dacd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 109 200 443
last-modified: Tue, 27 Jul 2021 17:44:52 GMT
server: nginx
etag: W/"6bbfeb5546dd1d87"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H/1.1 200
OK footer.js Show response
tribl.io/ 2 KB
2 KB 73ms
72ms Script
text/plain 46.137.132.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribl.io/footer.js?orgId=qz4QkqkAAAuzYjDnMn2x
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48c9dac830d941a37b04621bfd4e7874dc8185c18a7380f57d73ad18e4e684c2

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:12 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
ContentType: text/javascript
P3P: CP="Triblio does not have a P3P policy."
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 1058

GET
H2 200 / Show response
www.commvault.com/_static/ 166 KB
53 KB 8ms
6ms Script
application/javascript 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/_static/??/wp-content/themes/commvault/dist/js/frontend.js,/wp-includes/js/wp-embed.min.js?m=1627480307j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3919f34c3a95cde7637d96dd9197de60f872aec7685dcfad94cef33fd8bbbb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_static/??/wp-content/themes/commvault/dist/js/frontend.js,/wp-includes/js/wp-embed.min.js?m=1627480307j
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:51:47 GMT
server: nginx
age: 102073
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 54333

GET
H2 200 e-202130.js Show response
stats.wp.com/ 9 KB
3 KB 43ms
42ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202130.js
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Jul 2022 22:24:31 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.commvault.com/wp-includes/js/ 18 KB
5 KB 8ms
7ms Script
application/javascript 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Fri, 23 Jul 2021 20:02:00 GMT
server: nginx
age: 102072
etag: W/"60fb2038-4705"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4998
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H3-29 200 css2
fonts.googleapis.com/ 4 KB
514 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13749f5c9699919bdb871c3d5084a838e1aa64867a65e3ab58d87e4401c2c0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 20:50:24 GMT
server: ESF
date: Thu, 29 Jul 2021 21:01:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 21:01:12 GMT

GET
H2 200 style.css
www.commvault.com/wp-content/themes/commvault/dist/css/ 356 KB
46 KB 8ms
7ms Stylesheet
text/css 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

77e3ec7dd3563b1285140be8908f738bf22d6c93ce83c799fe0a64646f484489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/css/style.css?v=1906
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:51:47 GMT
server: nginx
age: 102072
etag: W/"610160f3-58fb3"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 46980
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 410 KB
71 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2255185879f426470581e641aa204a86291a4094d8415c840337a2625ed218d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73004
x-xss-protection: 0
expires: Thu, 29 Jul 2021 21:01:12 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 13 KB
4 KB 61ms
60ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=506570&u=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&f=1&r=0.30304370535174874
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 343b6b76c4eaf490723878ae86c83a87f6326a8917dc58c5eb7275bbb73bdc02

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 21:01:12 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 search.svg
www.commvault.com/wp-content/themes/commvault/assets/svg/ 303 B
387 B 7ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/assets/svg/search.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f567f6c3304eed48c3eaa58c53b95eb31f2488ccd23f2430070e26481e068b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/assets/svg/search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:41 GMT
server: nginx
age: 64
etag: "610052b1-12f"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 303
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 global.svg
www.commvault.com/wp-content/themes/commvault/assets/svg/ 701 B
466 B 8ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/assets/svg/global.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21342775ea918aa6ffecb96b21e137546fbb8a40b547e980afdf171f69a9ca9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/assets/svg/global.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:41 GMT
server: nginx
age: 64
etag: "610052b1-2bd"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 418
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 contact.svg
www.commvault.com/wp-content/themes/commvault/assets/svg/ 240 B
287 B 8ms
7ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/assets/svg/contact.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7ec488c1b6360586de32c3dbf411e9648a2121daec9027a3599eb91ab2e21e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/assets/svg/contact.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:41 GMT
server: nginx
age: 64
etag: "610052b1-f0"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 circle-with-arrows.svg
commvault.com/wp-content/uploads/2021/07/ 4 KB
1 KB 6ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/circle-with-arrows.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a72340c7914517e45231367dfc3b1f6d7bea9bee4fafa6e139f2cf0a46014b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
x-rq: hhn2 109 200 443
last-modified: Tue, 27 Jul 2021 17:40:05 GMT
server: nginx
etag: W/"0c8f6b4be15f7bfb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 ransomware-bundle-1.png
commvault.com/wp-content/uploads/2021/07/ 29 KB
29 KB 6ms
6ms Image
image/png 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/ransomware-bundle-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f2d533dd62be1778213380be645e8baa46fab10f03a8b408b9dd0dcaf06b7c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 109 83 443
last-modified: Tue, 27 Jul 2021 17:42:11 GMT
server: nginx
etag: "de85437c26a0263a"
strict-transport-security: max-age=31536000
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29610
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 Screen-Shot-2021-07-19-at-4.48.27-PM.png
commvault.com/wp-content/uploads/2021/07/ 376 KB
377 KB 7ms
6ms Image
image/png 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/Screen-Shot-2021-07-19-at-4.48.27-PM.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

04f707eda2c5beec54340f9c04f49c9d125930d510e603aa5b89683bd54f8367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 109 140 443
last-modified: Tue, 27 Jul 2021 17:40:28 GMT
server: nginx
etag: "6c5d6990e958fc26"
strict-transport-security: max-age=31536000
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 385412
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 advanced-image-ransomware.png
commvault.com/wp-content/uploads/2021/07/ 154 KB
154 KB 7ms
6ms Image
image/png 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commvault.com/wp-content/uploads/2021/07/advanced-image-ransomware.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f035e691d8d6bc66d831df7b4bab4405f9f17bb32da301a753f8dd5771dcc9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 109 86 443
last-modified: Wed, 28 Jul 2021 12:09:11 GMT
server: nginx
etag: "a20ddf8d0b36d291"
strict-transport-security: max-age=31536000
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 157828
expires: Thu, 28 Jul 2022 17:01:01 GMT

GET
H2 200 forms.js Show response
marketo.clearbit.com/assets/v1/marketo/ 27 KB
28 KB 216ms
215ms Script
application/javascript 18.168.223.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marketo.clearbit.com/assets/v1/marketo/forms.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.223.221 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-223-221.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

4063e72c353fcac556ca10a2d6d26666e4b486aaefaa1872585b3f9e88b91adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 20:21:57 GMT
server: envoy
content-length: 28086
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK firm_tracking.js Show response
tribl.io/ 9 KB
3 KB 78ms
78ms Script
text/plain 46.137.132.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribl.io/firm_tracking.js?orgId=qz4QkqkAAAuzYjDnMn2x
Requested by: Host: tribl.io
URL: https://tribl.io/footer.js?orgId=qz4QkqkAAAuzYjDnMn2x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: af0c018e8d1b0a543039bba1392de0a0f5ec6daed39fc2b111559ec3d215d797

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:12 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
ContentType: text/javascript
P3P: CP="Triblio does not have a P3P policy."
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3055

GET
H/1.1 200
OK analytics-f.js Show response
tribl.io/ 25 KB
8 KB 79ms
79ms Script
application/javascript 46.137.132.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribl.io/analytics-f.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43709d7764d2c0cecb40c69144da5ff053bafa5fe1978521412589e31a8d64b4

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jul 2021 02:09:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60e50cc4-6203"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v6/ 18 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.commvault.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 09:36:39 GMT
x-content-type-options: nosniff
age: 213873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18076
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 09:36:39 GMT

GET
H2 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 18 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.commvault.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:52:06 GMT
x-content-type-options: nosniff
age: 198546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18296
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:52:06 GMT

GET
H3-29 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 18 KB
18 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.commvault.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 04:57:51 GMT
x-content-type-options: nosniff
age: 230601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18244
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:14 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 04:57:51 GMT

GET
H2 200 chevron-right-red.svg
www.commvault.com/wp-content/themes/commvault/assets/svg/ 286 B
393 B 6ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/assets/svg/chevron-right-red.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4da13fee9fdd70e43b89815664cdc7ad3d0f405c203384b31be3455656d012be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/assets/svg/chevron-right-red.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
x-rq: hhn2 0 2 9980
last-modified: Tue, 27 Jul 2021 18:38:41 GMT
server: nginx
age: 62
etag: "610052b1-11e"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 286
expires: Fri, 29 Jul 2022 21:01:12 GMT

GET
H2 200 forms2.min.js Show response
discover.commvault.com/js/forms2/js/ 204 KB
68 KB 67ms
67ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discover.commvault.com/js/forms2/js/forms2.min.js

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/_static/??/wp-content/themes/commvault/dist/js/frontend.js,/wp-includes/js/wp-embed.min.js?m=1627480307j

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 18 Jun 2021 20:07:07 GMT
server: cloudflare
age: 2154
etag: "10089a-33187-5c50fde38d0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 676947fc5a2e41a2-AMS
expires: Fri, 30 Jul 2021 01:01:13 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
97 B 43ms
42ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=163800328&post=40927&tz=0&srv=www.commvault.com&host=www.commvault.com&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&fcp=571&rand=0.8354979490371464
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
166 B 55ms
55ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=http%3A%2F%2Fapp.discover.commvault.com%2F&_biz_h=-1906410348&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592472938&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=0&rnd=786681&cdn_o=a&_biz_z=1627592472998
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D2F) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Wed, 28 Jul 2021 15:57:52 GMT
server: ECS (lcy/1D2F)
age: 104601
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
190 B 55ms
54ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473000&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&rnd=657559&cdn_o=a&_biz_z=1627592473000
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D26) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Thu, 29 Jul 2021 04:25:19 GMT
server: ECS (lcy/1D26)
age: 59754
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H3-29 200 tag-26aee43f4d7d6fca54a567a22064af80.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 159 KB
45 KB 48ms
48ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-26aee43f4d7d6fca54a567a22064af80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=506570&u=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&f=1&r=0.30304370535174874
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 510403f36d77cf2e8d8dc92c332d9e8cbd786bd5e97d542681e3f1afd50e78fd

Request headers

Origin: https://www.commvault.com
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 12:44:14 GMT
server: gfra1
etag: "6102a29e-b440"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46144
via: 1.1 google

GET
H3-29 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 134ms
134ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=506570&d=commvault.com&u=D7B11A576A137143A04D432D90F32F0B7&h=4bfeb0dc32903a74f50e8e3ceb15d25f&t=false&r=0.9305979230510726

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 chevron-right-red.svg
www.commvault.com/wp-content/themes/commvault/dist/svg/ 286 B
381 B 6ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/svg/chevron-right-red.svg

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4da13fee9fdd70e43b89815664cdc7ad3d0f405c203384b31be3455656d012be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/svg/chevron-right-red.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:24:51 GMT
server: nginx
age: 61
etag: "61015aa3-11e"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 286
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2 200 search.svg
www.commvault.com/wp-content/themes/commvault/dist/svg/ 303 B
375 B 6ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/svg/search.svg

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f567f6c3304eed48c3eaa58c53b95eb31f2488ccd23f2430070e26481e068b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/svg/search.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:24:51 GMT
server: nginx
age: 61
etag: "61015aa3-12f"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 303
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2 200 global.svg
www.commvault.com/wp-content/themes/commvault/dist/svg/ 701 B
468 B 6ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/svg/global.svg

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21342775ea918aa6ffecb96b21e137546fbb8a40b547e980afdf171f69a9ca9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/svg/global.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:24:51 GMT
server: nginx
age: 61
etag: "61015aa3-2bd"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 418
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2 200 contact.svg
www.commvault.com/wp-content/themes/commvault/dist/svg/ 240 B
299 B 6ms
6ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/svg/contact.svg

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7ec488c1b6360586de32c3dbf411e9648a2121daec9027a3599eb91ab2e21e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/svg/contact.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:24:51 GMT
server: nginx
age: 61
etag: "61015aa3-f0"
vary: X-Mobile-Class, Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2 200 bullet.svg
www.commvault.com/wp-content/themes/commvault/dist/svg/ 424 B
495 B 6ms
5ms Image
image/svg+xml 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/svg/bullet.svg

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2515f2f551001962d9194fc3df4ae3b40b0ca9f9e5fd0b067e7c50a7dcb0dd29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/svg/bullet.svg
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttp%253A%252F%252Fapp.discover.commvault.com%252F%26_biz_h%3D-1906410348%26_biz_u%3Da230632db28b430186fd583ae7a86b44%26_biz_s%3D1f1c50%26_biz_l%3Dhttps%253A%252F%252Fwww.commvault.com%252Fransomware%252Fbundles%253Futm_source%253Dconnections%2526utm_medium%253Demail%2526utm_campaign%253Dconnections-newsletter%2526mkt_tok%253DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit%26_biz_t%3D1627592472938%26_biz_i%3DRansomware%2520Bundles%2520%257C%2520Commvault%2520Ransomware%26_biz_n%3D0%26rnd%3D786681%22%5D; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.commvault.com
referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/wp-content/themes/commvault/dist/css/style.css?v=1906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:24:51 GMT
server: nginx
age: 365
etag: "61015aa3-1a8"
vary: X-Mobile-Class, Accept-Encoding
x-cache: grace
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 424
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1910
date: Thu, 29 Jul 2021 20:29:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 29 Jul 2021 22:29:23 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 57ms
56ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Jul 2021 21:01:13 GMT

GET
H3-29

200

activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Frans... Show response
10302056.fls.doubleclick.net/ Frame 93BE
Redirect Chain

https://10302056.fls.doubleclick.net/activityi;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fr...
https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=h...

751 B
605 B

53ms
52ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

8b1cde8728d81dbecdb552749f3634b7cb3b78f10d5b51092da49ae10041b085

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10302056.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jul 2021 21:01:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 580
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Jul-2021 21:16:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jul 2021 21:01:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28309
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H/1.1 200
OK munchkin-beta.js Show response
munchkin.marketo.net/ 1 KB
1 KB 65ms
64ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin-beta.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ab041c9c625633155ea7f9eba22f96e40b4102c3286214e54c5a5d17e8c0bf78

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Apr 2021 01:05:09 GMT
Server: AkamaiNetStorage
ETag: "78268ff3ba8cffd688d6ab0b58e671e6:1617325509.205315"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK tracker.js Show response
tracker.mrpfd.com/ 2 KB
2 KB 130ms
130ms Script
text/html 70.42.76.111
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.mrpfd.com/tracker.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 70.42.76.111 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: / Express
Resource Hash: 9602f449056d417899555bd6be3cb75936c2ea1c615c0c580db550ae7e0ed1fe

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Access-Control-Request-Method: *
X-Powered-By: Express
ETag: W/"8a6-tEc0Hs6TjXJAmSlYQjIaotLrmb8"
ntCoent-Length: 2214
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: Set-Cookie, *
Content-Length: 1124

GET
H/1.1 200
OK tbw_analytics_v1.0.js Show response
d26x5ounzdjojj.cloudfront.net/tbw/ 12 KB
12 KB 52ms
52ms Script
application/javascript 13.224.89.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-225.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:47:35 GMT
Via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 Mar 2020 04:06:51 GMT
Server: AmazonS3
Age: 47623
ETag: "463d5912885bbaf6257aaac2e9d8935e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 11917
X-Amz-Cf-Id: UlSE6Vc5dQbiY7VUG9KNWIovu0wFTAUBzZqOMUrE0H5CkDf8IlQzIg==

GET
H2 200 notice Show response
consent.truste.com/ 9 KB
4 KB 88ms
87ms Script
text/javascript 13.224.96.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.truste.com/notice?domain=commvault.com&c=teconsent&text=true&js=bb&noticeType=bb

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-96.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

33abda5c2c78c9960286bf2504b6f01dd3decd8b9e1b7302bf7bb7530c38e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: PL
content-length: 3584
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: 14
x-amz-cf-id: rj7KSwX9Ep8BpiIIN_tzfJGOG5j28QFnIVe0mZ3Hh8gZk1bi8Pe85A==
expires: Thu, 29 Jul 2021 22:01:13 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 42ms
42ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 75243
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1627592473.160957,VS0,VE0
x-served-by: cache-fra19173-FRA

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796461472

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b70264d4ea73277942a2d9ed530d64fd520ffcbcf4e1f810099515400b18d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38721
x-xss-protection: 0
expires: Thu, 29 Jul 2021 21:01:13 GMT

GET
H2 200 6mv9d8mhh2p7.js Show response
js.driftt.com/include/1627592700000/ 214 KB
61 KB 171ms
171ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1627592700000/6mv9d8mhh2p7.js

Requested by

Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a74658bf5343a652a1c98487e3a622b1254a40442fd5d9b9b887ee99470cfae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7On8cCa.HKDec3O8aMmwKRLwh8Jw4dlS
content-encoding: gzip
etag: W/"bd1db63f3079b20cb4d0be86d2fa7b5d"
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 19:35:46 GMT
server: nginx
date: Thu, 29 Jul 2021 21:01:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EZe4b-vC4_bC4IPYEUnL56eAxSaCxuF7GNp3K5caOuYmbyR_xQElVg==

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 43ms
43ms Script
text/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 532
X-Ws-Request-Id: 61031719_PSdgflkfFRA1bc9_24092-59527
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2no188:0 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1eq94:13 (W)
Cache-Control: max-age=600
X-Px: ht PSdgflkfFRA1eq94FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Thu, 29 Jul 2021 21:02:21 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 191ms
190ms Script
text/javascript 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: f798a81dba19f4306286b4116fe2102152868fc7967a4dc9103333277be90d0f

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4440
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 84ms
83ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?296
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 22:32:36 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=5483
Connection: keep-alive
Content-Length: 12574
Expires: Thu, 29 Jul 2021 22:32:36 GMT

GET
H2 200 / Show response
bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/ 8 KB
2 KB 46ms
46ms Script
application/json 151.101.13.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KRLQJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 02d1d89dc88a1fe5cc26fb3ccb67719974af93a40bef218306d8bafe00a76ce7

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 3015
etag: 14b6aed2aff32e6f3d0b25fb2becaa08-v0.179.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: none
x-amz-apigw-id: DP60-Hm9DoEFlIA=

GET
H2 200 activityi;register_conversion=1;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbun...
10302056.fls.doubleclick.net/ 0
0 50ms
50ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10302056.fls.doubleclick.net/activityi;register_conversion=1;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit?
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
456 B 152ms
151ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=a230632db28b430186fd583ae7a86b44&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.06.25
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3D) /
Resource Hash: 7d35eba870f50886a6a0813fcbcc005c0a5cd952c3e4c407980854b33c64fe8b

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: gzip
server: ECS (lcy/1D3D)
etag: 6D1A19A2
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 218

GET
H3-29 200 tag-90f7ad34a20d16e567f35cfeab8cf938.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 90 KB
23 KB 47ms
47ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-90f7ad34a20d16e567f35cfeab8cf938.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-26aee43f4d7d6fca54a567a22064af80.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d53579d075f3e05299f0e771827e8c701f75966ff410ecbd47265a037d75f289

Request headers

Origin: https://www.commvault.com
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 12:44:14 GMT
server: gfra1
etag: "6102a29e-5bec"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23532
via: 1.1 google

POST
H3-29 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 136ms
136ms Ping
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=164&account_id=506570&cu=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&combination=1&s=1&sId=1627592472&u=D7B11A576A137143A04D432D90F32F0B7&ed=%7B%22tO%22%3A%22-2%22%2C%22lt%22%3A%221627592473225%22%2C%22r%22%3A%22http%3A%2F%2Fapp.discover.commvault.com%2F%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.151&vns=undefined&vno=undefined&_ru=http%3A%2F%2Fapp.discover.commvault.com%2F&eTime=1627592472226&random=0.8606598561432872

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-26aee43f4d7d6fca54a567a22064af80.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:12 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 57ms
57ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473235&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=1&rnd=937082&cdn_o=a&_biz_z=1627592473236
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H3-29 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 62 KB
8 KB 58ms
58ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=506570&settings_type=1&vn=7.0&r=0.9210911805206166&exc=3|4|9|10|57|157|158|164
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-26aee43f4d7d6fca54a567a22064af80.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c43c886bf61b4893422782d4b1cf52e0f5eece2bed4fbc1ef7572e0d3dc0908d

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3-29 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 138ms
138ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=506570&u=D7B11A576A137143A04D432D90F32F0B7&s=1627592472&p=1&tags={%22si%22:{%22164%22:%221%22}}&update=1&cq=0&vn=7.0.151&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dco&_ru=http%3A%2F%2Fapp.discover.commvault.com%2F&eTime=1627592472266&random=0.16473772284419574

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:12 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
59ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473271&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=2&rnd=404192&cdn_o=a&_biz_z=1627592473271
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
59ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473272&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=3&rnd=935557&cdn_o=a&_biz_z=1627592473272
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 marketo.1ca58da0f50111442728.js Show response
www.commvault.com/wp-content/themes/commvault/dist/js/ 10 KB
4 KB 7ms
6ms Script
application/javascript 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.commvault.com/wp-content/themes/commvault/dist/js/marketo.1ca58da0f50111442728.js

Requested by

Host: www.commvault.com
URL: https://www.commvault.com/_static/??/wp-content/themes/commvault/dist/js/frontend.js,/wp-includes/js/wp-embed.min.js?m=1627480307j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

37d8b20dd28c024cdbd047c8b7485d66a4ff8baf2db1f9cb6672268aa868646e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/commvault/dist/js/marketo.1ca58da0f50111442728.js
pragma: no-cache
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f; _gcl_au=1.1.36974826.1627592473; _biz_flagsA=%7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%7D; _biz_pendingA=%5B%5D; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D7B11A576A137143A04D432D90F32F0B7; _vwo_ds=3%241627592472%3A78.39585147%3A%3A; _vwo_sn=0%3A1%3A%3A%3A1; _vis_opt_exp_164_combi=1; _biz_nA=4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.commvault.com
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 28 Jul 2021 13:51:47 GMT
server: nginx
age: 102073
etag: W/"610160f3-2929"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4086
expires: Fri, 29 Jul 2022 21:01:13 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8544%252C566553%26time%3D1627592473309%26url%3Dhttps%253A%252F%252Fwww.commvault....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm...

0
63 B

149ms
149ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&liSync=true&e_ipv6=AQIDh7mv1PPTWwAAAXr0Ej0fMy_cHz6vqsYfEWNgrtXNE-NIZwtqoX75bvRl3bagvzFqpE0N
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: T8jUVbtelhYQKU6dOCsAAA==

Redirect headers

date: Thu, 29 Jul 2021 21:01:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8544%2C566553&time=1627592473309&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&liSync=true&e_ipv6=AQIDh7mv1PPTWwAAAXr0Ej0fMy_cHz6vqsYfEWNgrtXNE-NIZwtqoX75bvRl3bagvzFqpE0N
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: Ee04S7telhbgXmyglSsAAA==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 20:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1556
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 29 Jul 2021 21:35:17 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 133ms
133ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=1239469&version=2.0&ref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&r=1627592473365
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 43

GET
H/1.1

200
OK

tbw Show response
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/tbw
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

44 B
656 B

76ms
75ms

Script
application/javascript

52.49.238.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e713fb1806415485c8740f6cfcf9bbf8e88ecd4a3cd2984d14120ae1167b3263

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 44
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Date: Thu, 29 Jul 2021 21:01:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708573988/ 3 KB
1 KB 60ms
59ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708573988/?random=1627592473368&cv=9&fst=1627592473368&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b9700d90d62905b603251007235395438461d017bb4a5353a0580dafc4375a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 66ms
66ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin-beta.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sat, 06 Nov 2021 21:01:13 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 82ms
82ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=59979&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&pv=1627592473376_75jgxub97&bl=en-us&cb=6515825&return=&ht=&d=&dc=&si=1627592473376_75jgxub97&cid=&s=1600x1200&rp=http%3A%2F%2Fapp.discover.commvault.com%2F
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?296
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 21:01:12 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H3-29 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 47ms
46ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:12 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 12:44:14 GMT
server: gfra1
etag: "6102a29e-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
58ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473391&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=4&rnd=248124&cdn_o=a&_biz_z=1627592473392
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
58ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473394&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=5&rnd=356054&cdn_o=a&_biz_z=1627592473395
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
59ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473398&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=6&rnd=878226&cdn_o=a&_biz_z=1627592473398
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 60ms
59ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473401&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=7&rnd=834725&cdn_o=a&_biz_z=1627592473401
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
84 B 57ms
56ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Sitewide%3A%20Request%20demo%20vs.%20Experience%20a%20demo%22%2C%22Id%22%3A%22164%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22Control%3A-Request-demo%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22D7B11A576A137143A04D432D90F32F0B7%22%7D%5D%7D&_biz_u=a230632db28b430186fd583ae7a86b44&_biz_s=1f1c50&_biz_l=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&_biz_t=1627592473403&_biz_i=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&_biz_n=8&rnd=436902&cdn_o=a&_biz_z=1627592473403
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D47) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
last-modified: Fri, 23 Jul 2021 06:57:49 GMT
server: ECS (lcy/1D47)
age: 569004
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 v1.7-8690 Show response
consent.trustarc.com/asset/notice.js/v/ 72 KB
23 KB 59ms
58ms Script
text/javascript 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-8690
Requested by: Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=commvault.com&c=teconsent&text=true&js=bb&noticeType=bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-94.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: fdd650406adae0fb686277bda711756d1e219ae4f4e2569892661e6578689d2a

Request headers

Origin: https://www.commvault.com
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 20:16:47 GMT
content-encoding: gzip
age: 2666
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 14 Jun 2021 03:17:50 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: M9lEZwi3UV8uxxbJYkjKsGSlhbraovrS5XdjDvWqSJJ9daqi6H_3Ug==
expires: Sat, 28 Aug 2021 20:16:47 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
381 B 107ms
107ms Image
image/gif 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=commvault.com&country=pl&state=&behavior=expressed&c=7988
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-94.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: VfTdLcf5js1FYr1jjFo4RGSbjFUfaXN6kyBO1FdEBlr_b16ns_Saog==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 0
0 156ms
154ms Image
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nvg1l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/796461472/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796461472/?random=1627592473426&cv=9&fst=1627592473426&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

500fde27032e0b51f18ebde6f93a6ac500a0bcfc86090861020c0a4a0f6924ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0 Show response
tracker.mrpfd.com/ 0
559 B 128ms
127ms XHR
text/html 70.42.76.111
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.mrpfd.com/0?href=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&origin=https%3A%2F%2Fwww.commvault.com&protocol=https%3A&host=www.commvault.com&hostname=www.commvault.com&port&pathname=%2Fransomware%2Fbundles&search=%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&hash&a=Linux%20x86_64&b=Netscape&c=en-US&d=1200&e=1600&f=http%3A%2F%2Fapp.discover.commvault.com%2F&j=false&l
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 70.42.76.111 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Access-Control-Request-Method: *
X-Powered-By: Express
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Set-Cookie, *
Content-Length: 0

GET
H2 200 getForm Show response
discover.commvault.com/index.php/form/ 9 KB
2 KB 82ms
81ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discover.commvault.com/index.php/form/getForm?munchkinId=097-UGL-749&form=9925&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles&callback=jQuery112409630855910746638_1627592473281&_=1627592473282
Requested by: Host: discover.commvault.com
URL: https://discover.commvault.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1fd843d82679f2ab6e46679f464d7af2241a4b0f02613281b290a35e14e4a9

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 676947ff5e1f41a2-AMS
cached: true

GET
H2 200 dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fb... Show response
adservice.google.com/ddm/fls/i/ Frame F639 750 B
649 B 41ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Requested by

Host: 10302056.fls.doubleclick.net
URL: https://10302056.fls.doubleclick.net/activityi;dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f7949c48e923e309d41a6f4821aa9a95cb9981156a4038acc9a3c4b2974798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10302056.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10302056.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jul 2021 21:01:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 83 B
310 B 135ms
135ms Stylesheet
text/css 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: f297d86ba48bf8d3e53ecf98069f478077172686502a601fb79c6ac17ef7e96f

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 21:01:13 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 83
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 130ms
130ms Fetch
image/jpeg 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 21:01:13 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=834367414&t=pageview&_s=1&dl=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&dr=http%3A%2F%2Fapp.discover.commvault.com%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=694645023&gjid=1060984436&cid=452186092.1627592473&tid=UA-2378635-1&_gid=1886509706.1627592473&_r=1&gtm=2wg7s05KRLQJ&z=1065660937

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.commvault.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=834367414&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&dr=http%3A%2F%2Fapp.discover.commvault.com%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjBAAAAC~&jid=2134740986&gjid=666096662&cid=452186092.1627592473&tid=UA-2378635-1&_gid=1886509706.1627592473&_r=1&_slc=1&cd13=N%2FA&cd12=M%20247%20Ltd%20Warsaw%20Infrastructure&cd17=N%2FA&z=1203164092

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.commvault.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.0/ 162 KB
46 KB 48ms
48ms Script
application/javascript 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by: Host: bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
URL: https://bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 03:34:38 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 18:50:36 GMT
server: AmazonS3
age: 15182796
etag: W/"5989757bd8ad29a05f48a0b643993aae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3raewJF3lMrYJGGPHCHbrBbV4Mje1YblLcvrQF5R_Lot4rxmNxJczg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=694645023&gjid=1060984436&_gid=1886509706.1627592473&_u=aGBAAEAiAAAAAC~&z=1344514956

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 21:01:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.commvault.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/708573988/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708573988/?random=1627592473368&cv=9&fst=1627592400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&async=1&fmt=3&is_vtc=1&random=119020745&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.pl/pagead/1p-user-list/708573988/ 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/pagead/1p-user-list/708573988/?random=1627592473368&cv=9&fst=1627592400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&async=1&fmt=3&is_vtc=1&random=119020745&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=834367414&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&dr=http%3A%2F%2Fapp.discover.commvault.com%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Error&ea=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&el=Script%20error.0&_u=aGDACEAjBAAAAC~&jid=&gjid=&cid=452186092.1627592473&tid=UA-2378635-1&_gid=1886509706.1627592473&gtm=2wg7s05KRLQJ&z=1433148485

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 08:23:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/796461472/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/796461472/?random=1627592473426&cv=9&fst=1627592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&async=1&fmt=3&is_vtc=1&random=716543873&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/796461472/ 42 B
154 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/796461472/?random=1627592473426&cv=9&fst=1627592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&tiba=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&async=1&fmt=3&is_vtc=1&random=716543873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 56A9 5 KB
2 KB 52ms
51ms Document
text/html 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-8690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 29 Jul 2021 09:16:55 GMT
server: nginx
etag: W/"5147-1622097400000"
last-modified: Thu, 27 May 2021 06:36:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KsXlVp7cTpqephCYK-4iuu9m7Gq-JVAh_qS4oHdOr2VI2jGrkVWUOw==
age: 42258

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
503 B 88ms
88ms Image
image/gif 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=commvault.com&behavior=expressed&country=pl&language=en&rand=0.04741997007530996

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-94.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: PL
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
cloudfront-viewer-country-region: 14
x-amz-cf-id: o2gUfUwUS_X4NUgVac4RNK7Z0h6Ypo0s_hS6Cu40Gp_oUL6Zfe2XeA==
expires: Thu, 29 Jul 2021 22:01:13 GMT

GET
H2 200 forms2.css
discover.commvault.com/js/forms2/css/ 13 KB
3 KB 68ms
67ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discover.commvault.com/js/forms2/css/forms2.css

Requested by

Host: discover.commvault.com
URL: https://discover.commvault.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2153
content-length: 2623
last-modified: Fri, 18 Jun 2021 20:07:07 GMT
server: cloudflare
etag: "19a0248-3437-5c50fde38d0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 67694800b80741a2-AMS
expires: Fri, 30 Jul 2021 01:01:13 GMT

GET
H2 200 forms2-theme-plain.css
discover.commvault.com/js/forms2/css/ 828 B
323 B 67ms
67ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discover.commvault.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: discover.commvault.com
URL: https://discover.commvault.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2153
content-length: 246
last-modified: Fri, 18 Jun 2021 20:07:07 GMT
server: cloudflare
etag: "19a024b-33c-5c50fde38d0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 67694800b80a41a2-AMS
expires: Fri, 30 Jul 2021 01:01:13 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=2134740986&gjid=666096662&_gid=1886509706.1627592473&_u=aGDACEAjBAAAAC~&z=2038148419

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 21:01:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.commvault.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fb... Show response
adservice.google.de/ddm/fls/i/ Frame B34A 194 B
265 B 43ms
42ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CPrhzrmWifICFdC81QoddvYNjw;src=10302056;type=comm;cat=gener00;ord=1797303738694;gtm=2wg7s0;auiddc=36974826.1627592473;u1=undefined;ps=1;~oref=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jul 2021 21:01:13 GMT
expires: Thu, 29 Jul 2021 21:01:13 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
72 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=694645023&_u=aGBAAEAiAAAAAC~&z=1383980154

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=694645023&_u=aGBAAEAiAAAAAC~&z=1383980154

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
72 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=2134740986&_u=aGDACEAjBAAAAC~&z=2011997009

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2378635-1&cid=452186092.1627592473&jid=2134740986&_u=aGDACEAjBAAAAC~&z=2011997009

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 21:01:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pista.js Show response
d26x5ounzdjojj.cloudfront.net/2.14.0/ 98 KB
98 KB 53ms
52ms Script
application/javascript 13.224.89.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Requested by: Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-225.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 00:30:59 GMT
Via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Last-Modified: Thu, 06 Aug 2020 17:08:18 GMT
Server: AmazonS3
Age: 73815
ETag: "8f4885b5f0517e98f2ecf6c734d1decd"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 100013
X-Amz-Cf-Id: BihVbFZzg0S3PMUnCiu8pRwaHNiYQ1QurDrP-GEOd-4akitoRzpzcA==

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 5 KB
2 KB 106ms
105ms Script
application/javascript 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e93699f0fb07453e6dfe98f37601dc3b78790020a52b828641f51c235d16d6a0

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 06:36:58 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"4867-1622097418000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: U4pRXT50HoD-nQ63mN19yJ90Qqd8Hse4S0XBk7tZlzwTpHYazOmE6Q==
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
expires: Thu, 29 Jul 2021 21:01:12 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 56A9 20 KB
5 KB 52ms
51ms Script
text/javascript 13.224.96.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-71.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Jul 2021 15:49:03 GMT
content-encoding: gzip
server: nginx
age: 1660330
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: vwMfChqUTCMWwGixFIZG90nDa-yIXJx4LQ9_yaZ_-qwIDKS-CX8zWg==
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Mon, 09 Aug 2021 15:49:03 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 56A9 3 KB
3 KB 51ms
50ms Image
image/gif 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:43:05 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 73115
etag: W/"2608-1622097400000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: 0rOQmPSJ3xg6QBBIOwnawlIETRAlklNdYP7-2NW2R87Hi5C2R0kUew==

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 188 B
494 B 137ms
137ms XHR
text/plain 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XAydE5Zcy04YedG7FQp7nw&is_js=true&landing_url=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&t=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&host=https://www.commvault.com&sa_conv_data_css_value=%20%220-f7af2c5c-7c87-46d9-6a43-d96fe4729244%24ip%2437.120.211.124%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd90964b7c189124a1a4dbf5eeaa5abe5f22578d37c
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: 9d058101cbffa6400719e6c7b3d58b72f715532332d6694d41a787a0ca99fc84

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:13 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.commvault.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 188

OPTIONS
H2 200 tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 132ms
131ms Preflight 3.223.164.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 3.223.164.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-164-212.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.commvault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
content-length: 0
access-control-allow-origin: https://www.commvault.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
329 B 143ms
143ms XHR
text/plain 3.223.164.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.164.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-164-212.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.commvault.com
date: Thu, 29 Jul 2021 21:01:14 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 XDFrame Show response
discover.commvault.com/index.php/form/ Frame 615E 2 KB
852 B 216ms
215ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discover.commvault.com/index.php/form/XDFrame

Requested by

Host: discover.commvault.com
URL: https://discover.commvault.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c70b3de4e0117b2aec63f29a08bb190d680fb70b87816687b4dedeb7959043ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: discover.commvault.com
:scheme: https
:path: /index.php/form/XDFrame
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _biz_uid=a230632db28b430186fd583ae7a86b44; _biz_sid=1f1c50; _vwo_uuid_v2=D7B11A576A137143A04D432D90F32F0B7|4bfeb0dc32903a74f50e8e3ceb15d25f; __cf_bm=0855fb984b95995238e2746b824b4cb249a97733-1627592473-1800-AehGGXlfUSYOsKwVB8A81ZN59/y8iFyQCT/Trcte3cBfaQt5ra5TMMwbWZVN6DxiP7mAIDmfMz/TCpsSli+X3O8=; _gcl_au=1.1.36974826.1627592473; _biz_pendingA=%5B%5D; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D7B11A576A137143A04D432D90F32F0B7; _vwo_sn=0%3A1%3A%3A%3A1; _vis_opt_exp_164_combi=1; _ga=GA1.2.452186092.1627592473; _gid=GA1.2.1886509706.1627592473; _vwo_ds=3%3At_0%2Ca_0%3A0%241627592472%3A78.39585147%3A%3A20_0%2C5_0%2C4_0%3A4_0%2C3_0%3A0; _biz_nA=9; _biz_flagsA=%7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D; _gat_UA-2378635-1=1; _gat=1; _biz_ABTestA=%5B1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%5D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
x-content-type-options: nosniff
vary: Accept-Encoding
set-cookie: BIGipServersj16web-nginx-app_https=!RctPnrN+/Kix1Z+7iv4ewrP5TPDRs25rKZH2raXVMj2xGJzrujEs8CqJaZtUd/582LrVO4XLX9Zh2L4=;Path=/;Version=1;Secure;Httponly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67694801991141a2-AMS
content-encoding: gzip

GET
H2 200 A6C9AB4BABD0AA264932340B351BAFB2.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame E992 140 KB
46 KB 52ms
52ms Document
text/html 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 1894442bd6d6f164b8daa1cd0901ed86f73d88efceb3dba89e568691311d0351

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 14 Jun 2021 01:39:03 GMT
server: nginx
etag: W/"143078-1622097418000"
last-modified: Thu, 27 May 2021 06:36:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vV6hua9CNMMNGz7x0czgkdwNAPIDveiH5US5kX0SOGwnXZXkX-P7mg==
age: 3957730

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 969 B
825 B 119ms
118ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 465
x-xss-protection: 1; mode=block
x-amz-cf-id: k_zvU72XDA2HKWVLJr9t16UVjieLanUmznzooc3LNlKgSwDYGpqh-w==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 48 B
390 B 110ms
110ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fa6055bbc555e30f542c41bd7e5733a3c759f1ea7d1921196d03427af7d24a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:13 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: oKTOHXbGZj5MtTrogxr4RAq7tobeE9I2oGSvMkSySE_cA62eMOV2eQ==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 56A9 27 KB
7 KB 105ms
105ms Stylesheet
text/css 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"27745-1622097400000"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 3zqFnhV1JdqBoh6eT4l2QHGMBK8XiQFz2LSaVx2jifT3eHH-eJw6hw==
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
expires: Thu, 29 Jul 2021 21:01:13 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 56A9 243 KB
84 KB 51ms
51ms XHR
application/javascript 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 7cbd17cfdf0413b4b9cd51616ba542bcb43bff184d80dabec77f6da7b24411c8

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:39:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 06:36:58 GMT
server: nginx
age: 3957720
etag: W/"248555-1622097418000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: CJkuqLFnP19YHqEOn2K_lNIe585FljzXWTy91yTV3EabUIMm8BXKpQ==
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 forms2.min.js Show response
discover.commvault.com/js/forms2/js/ Frame 615E 204 KB
68 KB 68ms
68ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discover.commvault.com/js/forms2/js/forms2.min.js

Requested by

Host: discover.commvault.com
URL: https://discover.commvault.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://discover.commvault.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 18 Jun 2021 20:07:07 GMT
server: cloudflare
age: 2155
etag: "10089a-33187-5c50fde38d0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 676948030ace41a2-AMS
expires: Fri, 30 Jul 2021 01:01:14 GMT

POST
H2 200 tp2 Show response
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
329 B 144ms
144ms XHR
text/plain 3.223.164.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.164.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-164-212.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.commvault.com
date: Thu, 29 Jul 2021 21:01:14 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 130ms
130ms Preflight 3.223.164.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 3.223.164.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-164-212.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.commvault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-length: 0
access-control-allow-origin: https://www.commvault.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 56A9 19 KB
8 KB 52ms
51ms XHR
application/javascript 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 75f939280b5dd72557c69b742c4a10298be8a9852a403e22d28a7bf85ad4b92a

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:39:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 06:36:58 GMT
server: nginx
age: 3957709
etag: W/"19432-1622097418000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: DJbA540h_DtquQW4nPQ55fHZPwbCGJx7elw5VhGPTzvzI8qvGFqnsg==
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOj... Show response
tracking.intentsify.io/page-tracking/intentsify-commvault/ 2 B
662 B 207ms
207ms Script
application/json 34.222.194.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.intentsify.io/page-tracking/intentsify-commvault/https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.222.194.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-222-194-4.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 21:01:14 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length: 2
Expires: -1

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame DE5C 5 KB
2 KB 130ms
130ms Document
text/html 34.198.176.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.176.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-176-1.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method: GET
:authority: prefmgr-cookie.truste-svc.net
:scheme: https
:path: /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 798 B
718 B 108ms
108ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a0035b45fef84710f720867a1f0b4889741e052d076000a7832d7725fa82f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 358
x-xss-protection: 1; mode=block
x-amz-cf-id: mJYKEI77LRHtUFl364ATvbuPfCaNWIT4pszRRvRlhNrkdcpGR2AahA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 14 KB
4 KB 104ms
104ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a53b1b2ec9a929797aef0e5551027b0900a071dd319464c02b8870468e53ff69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 3964
x-xss-protection: 1; mode=block
x-amz-cf-id: xO7BIHAGc77soKxFrLNDWQQMRFun_k1MhYtfLrxd-vKAVk7b46a3kg==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 56A9 4 KB
4 KB 51ms
50ms Image
image/png 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:57:42 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 83016
etag: W/"4197-1622097400000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: JS76VW2v5PwpsgQYP_sYcGg-iundBlA0O00BI0mREttiKQfS-iPL_Q==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 895 B
845 B 84ms
84ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

b413a73fdf00988d82df4d60171eebfd3854cd7cb3fd975befd39ef1448c3fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 485
x-xss-protection: 1; mode=block
x-amz-cf-id: pKAYu70gYob-yPnG-9k2XEyPSLmFpSLzmlhqoaUijwdBebzIZvys-g==

GET
H2 200 core Show response
js.driftt.com/ Frame F4C4 5 KB
2 KB 157ms
157ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1627592700000/6mv9d8mhh2p7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0fa9178d617a871e16de3f9411a3b7e0f1b82b6d70bb10a291a644f870490d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 29 Jul 2021 19:35:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yGcQLljlQN.Lg.iHKXkoBZP7ZTkhBtRw
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 29 Jul 2021 21:01:14 GMT
cache-control: no-cache
etag: W/"ec31a8bcc24928e04d7ed579c14c9052"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: xQ83qVqhEpfOM97uW6UzGf0KS5GdbF3IgBpuTzH4A_5iafOknQ33oQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 5366 5 KB
2 KB 156ms
156ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1627592700000/6mv9d8mhh2p7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0fa9178d617a871e16de3f9411a3b7e0f1b82b6d70bb10a291a644f870490d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 29 Jul 2021 19:35:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yGcQLljlQN.Lg.iHKXkoBZP7ZTkhBtRw
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 29 Jul 2021 21:01:14 GMT
cache-control: no-cache
etag: W/"ec31a8bcc24928e04d7ed579c14c9052"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZhK7yKCDyKrzfU9EyWbAlRvtA8Cyapt-wRivYX3FMoX6LFUfkJyVbA==

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 141ms
47ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.commvault.com
URL: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19161-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1627592474.496798,VS0,VE0
date: Thu, 29 Jul 2021 21:01:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1591

GET
H/1.1 200
OK _t.gif
tribl.io/ 42 B
547 B 79ms
78ms Image
image/gif 46.137.132.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribl.io/_t.gif?i=qz4QkqkAAAuzYjDnMn2x&s=e7e&u=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&h=www.commvault.com&bw=1600&bh=1200&t=0&ref=http%3A%2F%2Fapp.discover.commvault.com%2F&rnd=4311383468701
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-132-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 21:01:14 GMT
Server: nginx/1.18.0 (Ubuntu)
P3P: CP="Triblio does not have a P3P policy."
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
279 B 152ms
152ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nvg1l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 29 Jul 2021 21:01:14 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a5a4d29af325af30f34100a3b26f0979b02130495910cc41136d679177271861
x-transaction: c35d0c689b7b0821
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 runtime~main.87ffda71.js Show response
js.driftt.com/core/assets/js/ Frame 5366 5 KB
3 KB 52ms
50ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

19ba46a737c4ea068c02cc67c28881e49b08ef9806c7ec97cc2cc6574f8e8ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:35:33 GMT
content-encoding: gzip
age: 5141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 18:33:33 GMT
server: nginx
etag: W/"88cda15087c029b8bfd0e402a9f9c085"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QfGmiDuC2R2IGReEGDPMmH8N79NqosH8
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uldaoJrSmhIbiii8gvpIXDChNJGqNtNSr7KEU8CdStaPOBYA_0eXUQ==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 44 KB
13 KB 53ms
50ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 1144961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZvO4GEjgLJg0UxGBrYzOV6QhW7x2YbPFZbw9lnHSC6yhEYJ_DfebJA==

GET
H2 200 16.053b05ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 44 KB
13 KB 53ms
51ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 1144961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:28 GMT
server: nginx
etag: W/"add22d65f550ec9b2387cf62556eeb85"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G7hp.OeARWkkm6DrU2wibDWIlT9ooQA7
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 52A_kOQvIB4Q16D5iMF4gZgbOqvrgL75ecNDK-Qz9QdOfG0AG2vDbg==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 76 KB
23 KB 54ms
50ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7DiezWYFjy2SIODqJANSofAb_kwpirUpshPKMUnqYeUH8xYlKO3D_A==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 16 KB
17 KB 55ms
52ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YKiru6Isw0ZkP3pnX904r6tkAjUNOZwb0iOrqBUuiCTd-w7YxMm70A==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 15 KB
6 KB 56ms
53ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oXLeCi7qcbkCqU-f4JKnzbcLVnEj9VKYy6peIKg7E6XtTUKn-JHXQA==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 49 KB
15 KB 58ms
54ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ITFfDjVEnCtQ-0m92xvPgfGlIGmqUnWcmStKE4t3XFoRWVHM7216lw==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 44 KB
44 KB 59ms
55ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yrC50HpSC_g5Rb0Jt6n4a-fsJFQ8eRwrjuojlRYfOhrxEyK6jeKh3g==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 25 KB
7 KB 81ms
77ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vo6k9ExCavp3FLtiAeO_OjVk2SaZiqstE_n70qTgGmofhjOHZSbiFA==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 25 KB
9 KB 81ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UIu_diWlBFMGkonnZDr6QwCaiQYzzArQQNyO6HAA_RxQtR2bp-DPoQ==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 125 KB
39 KB 82ms
79ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qnsxx-HCDJB6sXkfjUE43ANgLE03zaTocX2n7z2xs9fLJMrX_eAing==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 52 KB
18 KB 83ms
80ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 01:37:16 GMT
content-encoding: gzip
age: 1538638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 23:36:00 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H98LAYdjXNCvkM1SoSuAUPssOPUQt4Tt
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Pt6H6PUXfBg-5UlgKZiaH1e87y5xDCe2_frk4D5Ys5Pmr2pKRmUnjg==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 24 KB
10 KB 83ms
81ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZDwYvwmDebs5LT_JF6-kweyN7eZIziujAsn33QKUXEOLH15DdHYUGg==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 14 KB
6 KB 84ms
81ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u3wvsS4hrJNibYVq1hxZU6aw0hFpE4JCMS5Ni8Sxc9ONpOeroueNQA==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 60 KB
21 KB 85ms
82ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 2723403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FP2qGKaYht8aR8C7FdTWaU17fzcEn4G2Jv2xrmGHgyiMuwJzKtB87g==

GET
H2 200 main~493df0b3.a5c84022.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 75 KB
23 KB 85ms
83ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.a5c84022.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

52fb5b732e6535f9068566abb3981c26d7c8f47b9447f1f7c29cab7f27001b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"dbf5fcc329afc055cc0c833cee046cd9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmwX35wjLJCrBXVU5WOcgAwjYfYZRLed
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1MdMQIMl30WnDiY57bK-Q-uY4zs-_ZSuxYS7ahxZEUN7jfaOyiZJww==

GET
H2 200 main~50ba91a7.4b29fa7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 67 KB
17 KB 87ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.4b29fa7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3063abd7d75444bd47575536443c8c417b17a537f844130fdcb03d9e50ef2e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"ef065777635b62a33afe66f2b2bdc1a0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f3XwjtsvNoYK2QShz8CwGHk8bRPzjRH2
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m9ApnWpKKaLtY5ATzTxvAwFmyhCGm02i1Wa7hCYb5X_DJLAZTPaHKw==

GET
H2 200 main~89e24786.3aaf0a51.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 68 KB
18 KB 89ms
87ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.3aaf0a51.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

55eab572057d82c21e4b1e4f5ad730776ce165bf9fb7f4c01cef1307fef110c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"c12e60ccb7945e332cb82ff480b9bfcb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qxYkGbJgSd7kHuLKWGybDBKlBx7JEla9
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 67RnVwqHQ3waKjWZoEXZtLKguM3VCkYSXhUDhVfGJwbkIebfsk1ptg==

GET
H2 200 main~53ca99a6.6f613f66.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 37 KB
12 KB 89ms
88ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.6f613f66.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f95d88f8b15bd8f3054008f69c0a154882d2612b08148e789680cd27cea57749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:35:33 GMT
content-encoding: gzip
age: 5141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 18:33:33 GMT
server: nginx
etag: W/"698d61fafc05c24f0028b3626f630a6e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QNH_RIvMeWTd6hvmqfLD60hJJuxUdHF
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G7PkAY_IQRixgx9gq_c04Y_d4FPwblYdByWAeV0_XYJC725TRkUM6Q==

GET
H2 200 main~493df0b3.1c94ee95.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 10 KB
3 KB 83ms
82ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.1c94ee95.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

04798a4773dd2ffad6cdfbe9d2380b04c47067a3511f8ab601cd92ec09a180fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:49 GMT
server: nginx
etag: W/"fa968b1b5d563c6753b20b59917e19b1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyqB6qtbe.AyT1d3k6VbpQbp3gzNN_q2
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4JZKasdYCMleRC6iXD-y4zCDtDqSZq9BSmF3due-M6Chya6CYGhWtA==

GET
H2 200 runtime~main.87ffda71.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 5 KB
3 KB 86ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

19ba46a737c4ea068c02cc67c28881e49b08ef9806c7ec97cc2cc6574f8e8ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:35:33 GMT
content-encoding: gzip
age: 5141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 18:33:33 GMT
server: nginx
etag: W/"88cda15087c029b8bfd0e402a9f9c085"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QfGmiDuC2R2IGReEGDPMmH8N79NqosH8
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -1vAs878gJcyJ-eV5GCzu0tdmYzJWZfjkkXMLB8oijNdud5nCVFMig==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 44 KB
13 KB 86ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 1144961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VB4OXjMaRmSUDmRz3jYD1rp1kP0-SEKPEmWKAvY0ucNC8OSnL79w6A==

GET
H2 200 16.053b05ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 44 KB
13 KB 87ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 1144961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:28 GMT
server: nginx
etag: W/"add22d65f550ec9b2387cf62556eeb85"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G7hp.OeARWkkm6DrU2wibDWIlT9ooQA7
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zWo7e-AXlrPQu8alaUuAREc6nRWJW8BJilhRzkJ5CdHLqHAEHzZ1nA==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 76 KB
23 KB 87ms
84ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tdk4Rv0paHfrMhchKvUD-rynwiKDn1JP7wWpsGEkmQXnWs1p-zn2Kw==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 16 KB
17 KB 88ms
84ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VgFgz7XxR32xvTVq0fgvGEwzrnJgF7RNy9WC9QVJRZIB3pz8e4t1Qw==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 15 KB
6 KB 88ms
84ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _mgJ2xgpDHO1pV82BMkTbPTO3u7AVWuO4nW48AJ7nP4036PoJa2bSQ==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 49 KB
15 KB 88ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lU4sgzzR-91AqUcuOcDQZk4lgH-mTvrA5hJxI6Ro0u4Xl3T0yh3hgA==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 44 KB
44 KB 89ms
86ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7bmBXzP1yFfBC0oBB5tUjxYFSQGw2G-IKIftcbbN8X5esqFVh1VTAQ==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 25 KB
7 KB 89ms
86ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -VNa21MbHtGFDmRijspMPJxJ-GRtnrLbuO73P-ExQP8gjHqCuy9tqQ==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 25 KB
9 KB 89ms
87ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: isC2V7bjlsPd8ECTevdvCNldfKhrg0SaSOT0afLNEScI0NL3LPX_6Q==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 125 KB
39 KB 89ms
87ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qYqmh4lgbq3M4Qv_1yF8I51b6nBv9bHC0YAWpjQ3_N9XuReNB9MBWw==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 52 KB
18 KB 90ms
88ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 01:37:16 GMT
content-encoding: gzip
age: 1538638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 23:36:00 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H98LAYdjXNCvkM1SoSuAUPssOPUQt4Tt
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o1eYbnA6uZIacu1IBIn2OQWxLOR3vdbOxQYR6wISci1kioevHNOcHQ==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 24 KB
10 KB 91ms
89ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yCE2MbccGP6RDl3B9jruUWd8ILfXA9v55Qc6iET4khtfx2OP7t71hw==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 14 KB
6 KB 91ms
90ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _zzK4hLfYAx4QIcGAzxHcrJZp2-WwF5kNsjT8nqH2F2A9_z-U7s7kg==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 60 KB
21 KB 91ms
90ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 2723403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4OrHClhN3A1h43JWq2k3vTOw1qMcH0tLQaZrLmzp1oLVbEevU10wMA==

GET
H2 200 main~493df0b3.a5c84022.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 75 KB
23 KB 92ms
90ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.a5c84022.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

52fb5b732e6535f9068566abb3981c26d7c8f47b9447f1f7c29cab7f27001b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"dbf5fcc329afc055cc0c833cee046cd9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmwX35wjLJCrBXVU5WOcgAwjYfYZRLed
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zHZeVMAhXd6oz-dCLbrXXDLh38nbpI1U6oFAEnAyazrDSmjvZtplnw==

GET
H2 200 main~50ba91a7.4b29fa7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 67 KB
17 KB 93ms
92ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.4b29fa7d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3063abd7d75444bd47575536443c8c417b17a537f844130fdcb03d9e50ef2e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"ef065777635b62a33afe66f2b2bdc1a0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f3XwjtsvNoYK2QShz8CwGHk8bRPzjRH2
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aPmfOA8rNwTl24hvubozizzZmsO2ULir8idPZsGQafPnWFrv9gVqZw==

GET
H2 200 main~89e24786.3aaf0a51.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 68 KB
18 KB 94ms
93ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.3aaf0a51.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

55eab572057d82c21e4b1e4f5ad730776ce165bf9fb7f4c01cef1307fef110c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:52 GMT
server: nginx
etag: W/"c12e60ccb7945e332cb82ff480b9bfcb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qxYkGbJgSd7kHuLKWGybDBKlBx7JEla9
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zda8qonC6tOu4OSWzjJ0GZgf3yvx2zzDJPiU7Re-b2IM8_ehnDXoGg==

GET
H2 200 main~53ca99a6.6f613f66.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 37 KB
12 KB 95ms
94ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.6f613f66.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f95d88f8b15bd8f3054008f69c0a154882d2612b08148e789680cd27cea57749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:35:33 GMT
content-encoding: gzip
age: 5141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 18:33:33 GMT
server: nginx
etag: W/"698d61fafc05c24f0028b3626f630a6e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QNH_RIvMeWTd6hvmqfLD60hJJuxUdHF
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uEoNQpAgMxi4VUx18NU-iIcDKFO2vQUqwBF2JR8Ep0vEbNTUyJvWjg==

GET
H2 200 main~493df0b3.1c94ee95.chunk.css
js.driftt.com/core/assets/css/ Frame F4C4 10 KB
3 KB 93ms
92ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.1c94ee95.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

04798a4773dd2ffad6cdfbe9d2380b04c47067a3511f8ab601cd92ec09a180fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:49 GMT
server: nginx
etag: W/"fa968b1b5d563c6753b20b59917e19b1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyqB6qtbe.AyT1d3k6VbpQbp3gzNN_q2
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Eq4UKKyesU5cJ85tqQVP5Kl7zTxunwkai_At-VN8ojF1yQ4Nu5FgqQ==

GET
H/1.1 200
OK 3acf0cefe0 Show response
bam.nr-data.net/1/ 57 B
274 B 617ms
158ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/3acf0cefe0?a=242412381&v=1210.e2a3f80&to=YlYAbBdQWEEHUBJbWFscI1sRWFlcSUMHVVI%3D&rst=2208&ck=1&ref=https://www.commvault.com/ransomware/bundles&ap=178&be=382&fe=2029&dc=642&perf=%7B%22timing%22:%7B%22of%22:1627592472352,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:375,%22rpe%22:408,%22dl%22:377,%22di%22:642,%22ds%22:642,%22de%22:650,%22dc%22:2021,%22l%22:2030,%22le%22:2034%7D,%22navigation%22:%7B%7D%7D&fp=571&fcp=571&at=ThEXGl9KSx5EUkQITEhO&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 429
Too Many Requests / Show response
sentry.io/api/1485028/envelope/ Frame 5366 3 B
210 B 151ms
151ms Fetch
text/plain 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 15.42.188.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 21:01:14 GMT
Server: nginx
Connection: keep-alive
ETag: "60e405a5-3"
Content-Length: 3
Content-Type: text/plain

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 22 KB
7 KB 52ms
52ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1914188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HAKWzUPj9t4OH1c6QaujEk5fdMQ4Jaf25kUTU5Jjn8ak090mly6BvA==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 1 KB
1 KB 52ms
52ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1914188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5U-zElN_0iF6Dj3GTZmAj39et4L57O1VAQt4mtKePoC4RtKHvPaQRA==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 5 KB
2 KB 53ms
53ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0IBiiMX1NfEMYsDKN6FlhmL33FWO03JD6cZzu2AvROp602wBk2eIzw==

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 2372 2 KB
1 KB 52ms
51ms Document
text/html 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /cookie_inneriframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prefmgr-cookie.truste-svc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Thu, 27 May 2021 06:36:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 29 Jul 2021 15:17:58 GMT
etag: W/"2008-1622097400000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: -uf-ywa0Rj-CNdJl4ATv-YQX7hqEA_bCprzkgdkGISngzkEIfRi_Dw==
age: 20597

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame F4C4 2 B
403 B 250ms
151ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Jul 2021 21:01:14 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 22 KB
7 KB 54ms
54ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1914188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R17uOZAX_iFNtPWtxXqQcBhU4TV6KOe-F7rEfnIOxjXNluc-6KbjvA==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame F4C4 1 KB
1 KB 55ms
54ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1914188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wi4kZOTML25Lut9phtxdeiRso5pKa40K9Ep_RPoT1-rRgHBvBeyU6A==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 5 KB
2 KB 55ms
55ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zzgD3B4ZwhwMSs32kt1SmsFmPl4PgFEhtzoI4vRlFsGgcnIJGY70Yg==

GET
H2 200 29.35fcf3a3.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 6 KB
1 KB 51ms
51ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.35fcf3a3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Vv9Z.AFLkHfCx19G.PJtFEYakZc4c3sf
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6P1SkXgYsKfIjlxlwjKO9IGkasTvpeuPciipTCgqLc-QsLzFyzmKig==

GET
H2 200 29.9b16991a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 2 KB
2 KB 52ms
52ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.9b16991a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"6b76f18bc4b40ce872a15191ddb2ca65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pUOVA9iV.dDilNdMlhO7iOxxJwe.gxgd
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mw8JDzZ1k_m1qWNCeuipqQugIk7UN1wb7pTKOBguCjGhg2dqZz6lTw==

GET
H2 200 22.0fe27b6c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 42 KB
12 KB 52ms
51ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.0fe27b6c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"16f43d4a1f08d1a487db21656c599aae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oe044AXHveLEL0iyz_cDL4QpsHnhigfv
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -TKx9jBCiGhDU8rFfwlvKqmx5nOAW8ux0m6048uBcZVckejm8gO_nw==

GET
H2 200 18.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame F4C4 8 KB
2 KB 53ms
52ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.44736ae1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8b77004f90a97a8796e83c50f9e084d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x5dOG.3yJKUjrVUkQNFI.TikwE6Otqdt
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G1BqYB8Ze6Cen9vIvEE52mtcC88DLc8oVIA8yXH7Qc3Me0RtWpNTag==

GET
H2 200 18.999c0169.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 66 KB
19 KB 53ms
52ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.999c0169.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

deb21dfcb98f4f6ece52e2966a42f271f445772743d474206cf0652485d10b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:50 GMT
server: nginx
etag: W/"04e8b6f4d19e637ac95b7049962b029f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sr42kFzblgJm6ieq_HhgewyXBn5j1aD.
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Q9vikOl6voK2W4iNEZbb8NNTp5Sc1kBGLp-_Dl-wd39lKQ6fB4FKA==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 7 KB
2 KB 53ms
52ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jS6TKhgtrEFLweBk9BW6EGBANxueieDiayGsJFMqSCjteh0WuM9XBQ==

GET
H2 200 1.1dd18d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 76 KB
23 KB 54ms
53ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.1dd18d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 22:53:34 GMT
content-encoding: gzip
age: 252460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 26 Jul 2021 20:51:58 GMT
server: nginx
etag: W/"a4a439b10d3ce63496e066f88921993e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iXBcG_IERwVgtbZyrmEeq61SCdC6EWgm
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y-0kxjkFox0ENLTckmKSBURElyrhCLyblHK2BMc3PGcC5wEeqjDPcQ==

GET
H2 200 0.061f3bcd.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 39 KB
7 KB 55ms
54ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.061f3bcd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1905393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8270a19b1866f9a99b674fe2dadeced0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zxSLZd3Brbt8Il6bhjFDwt2Bq0yNmNhu
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WD_MUfVEVNiRGRe7J6Yz-tCPP5pW1iOtXC3xnh5bB5Qu3N0OX-DipA==

GET
H2 200 0.d9c47e5a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 59 KB
20 KB 55ms
54ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.d9c47e5a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

912fde03a57918e7a21f00cd989f423d93be81c526c44b582d171c9a4c2fb192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:35:33 GMT
content-encoding: gzip
age: 5141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 18:33:30 GMT
server: nginx
etag: W/"56725daac83f194f22fd9aa80b5ab1b7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjnkHxa43928mr6Oy3it630.Dq4NmwAt
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gmJlGqMq3huflUj9aTLlbmK63FLz6oG1kBpFhGmHeX4qSPwFPAfaGw==

GET
H2 200 25.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame 5366 11 KB
2 KB 56ms
55ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1914187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PBLtoaNf6c055OEpbrvVBHkZeIp.wBXB
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0CVUoi0dJjtxoc-28Reh8PViT64d4VyG3ZoPwcJseJWPuGceTKL-gg==

GET
H2 200 25.15038c9d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 11 KB
5 KB 73ms
73ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.15038c9d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

03956e7b0dce1325f980f9af98b6fd282939e9fb7b8df626d6c3c2a5c579d6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:09:14 GMT
content-encoding: gzip
age: 28319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:46:51 GMT
server: nginx
etag: W/"4a2c3a11fe6b875127540a54eaf43182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CqsOEWrF_rTA19TxECxwh4RPlNpLuGEA
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a-CH8HQOQme94u7GY2fqUFt2L_QXta9BZrZ2_MjecazDRm-pIm7j1Q==

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/ Frame 56A9 39 KB
13 KB 51ms
51ms XHR
application/javascript 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A6C9AB4BABD0AA264932340B351BAFB2/4.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-79.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 290949beaf757eba1e44e44a9515b5d6fcf5f03789289559275e38e95a8b50ca

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:39:49 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 06:36:58 GMT
server: nginx
age: 3957685
etag: W/"39769-1622097418000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: GpMi5eqSseb6_Z1PfPS7tb1Q5zMvdQxgNsqF-Sf-tSXivtbIwSug9Q==
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 56A9 3 KB
3 KB 52ms
51ms Image
image/gif 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:43:05 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 73116
etag: W/"2608-1622097400000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: IZXpXqR8-C962I99f6fj8CxRxdZATPczavJiDcDX1K94e5scIvYKQA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 2 KB
1 KB 77ms
76ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f94a6a5f095447cb89d131adfeb05a4be74e36dd26b0c0223e91b3d855c364ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 741
x-xss-protection: 1; mode=block
x-amz-cf-id: kbOW8UXOc0EJXDKXBjS9EAt_zh14nq6Xuo0n-tsSmtanY9XkbphXXw==

GET
H2 200 get
consent.trustarc.com/ Frame 56A9 51 KB
52 KB 51ms
51ms Font
application/font-woff 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/get?name=dmsans-regular-webfont.woff
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-94.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 51033ca959567bd01090659e6af136f40e5a0d8965069a47c1e30455cac9e759

Request headers

Origin: https://consent-pref.trustarc.com
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Jul 2021 20:52:04 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
server: nginx
age: 550
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 52724
x-amz-cf-id: bDh8gyLk47TMjScTPOWN1t7EmPDJ4KAhoEOB384JhnxRwI0CKy3j_w==
expires: Sat, 28 Aug 2021 20:52:04 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 56A9 3 KB
3 KB 52ms
51ms Image
image/png 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=commvault_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-94.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: bfcec94789c0f9f5d4a83415bb9aa81b26799c5dd089a06eb976e03087ed7a87

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Jul 2021 20:58:03 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: nginx
age: 191
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 2839
x-amz-cf-id: dLP8Wsls3fVAgQVZ7UWNWG1mf7rfb7jEKMg-80xkfZDuXZd6tzaIDg==
expires: Sat, 28 Aug 2021 20:58:03 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 56A9 15 KB
15 KB 60ms
59ms Image
image/png 13.224.96.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=commvault_logo_new.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-94.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 3d93bd0db1f3585a348a2f4df172df589bb16acd40c1b281048b96186299b6ea

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Jul 2021 20:58:03 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: nginx
age: 191
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
content-length: 15119
x-amz-cf-id: 8GtQtMkHtJ_2BCCI-M61jbMhRs1_HvdhFnG4IQmCCrqFIsHpe8548Q==
expires: Sat, 28 Aug 2021 20:58:03 GMT

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftcb615404a46b6b34c153a55726a
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame F4C4 25 B
84 B 164ms
163ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
server: istio-envoy
requestid: 4cafdc1990091203
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame F4C4 103 B
165 B 151ms
151ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ceff454e98692c318f54bbd7a7dcaedc1a662883d8b87194ca6450ba697bc6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
server: istio-envoy
requestid: 863cd14d1d358c62
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftfe2c4544511a4cc07152362c7eb
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H3-29 200 css
fonts.googleapis.com/ Frame F4C4 4 KB
643 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~53ca99a6.6f613f66.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 20:39:55 GMT
server: ESF
date: Thu, 29 Jul 2021 21:01:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 21:01:14 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 56A9 173 KB
34 KB 99ms
98ms XHR
application/json 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

81c7ca1a6e3e736e50c22cdab15a4d2ef8938e82843ccd8f9e3f6c3d948eb428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A6C9AB4BABD0AA264932340B351BAFB2
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 34785
x-xss-protection: 1; mode=block
x-amz-cf-id: Z9gjrF-_zasAp258gPef060r2q7Txy1CVQJWF3C7PaWOo00xm-9rvA==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame 56A9 1 KB
1 KB 51ms
50ms Image
image/png 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:31:26 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 80989
etag: W/"1068-1622097400000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1068
x-xss-protection: 1; mode=block
x-amz-cf-id: XkRoGajeucGBL_ga3B6ZfmZ9CJ-3dxLGzo_otv5hgphr4AV3simdpQ==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame 56A9 2 KB
2 KB 51ms
51ms Image
image/gif 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 14:13:26 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 24470
etag: W/"1737-1622097400000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: xRh17lttuQuLbAsxJ-ytfQE1jgN3_aKbDQ0EA3z2ccFEcaI-tGRe_w==

GET
H/1.1

200
OK

master-opt-out Show response
ad.amgdgt.com/ads/ Frame E93A
Redirect Chain

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201

2 KB
2 KB

135ms
135ms

Document
text/html

52.3.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.52.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-52-82.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 41a48b42a08a8c8ec2dbacca5a1d65b6cf2f3b1eef1803c847868f0ce62977e0

Request headers

Host: ad.amgdgt.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Cache-Control: no-cache, no-store
Content-Type: text/html
Date: Thu, 29 Jul 2021 21:01:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 1705
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store
Date: Thu, 29 Jul 2021 21:01:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/713/1-2/ Frame 2C1D
Redirect Chain

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.9351448908073612
https://preferences-mgr.truste.com/token/713/1-2/

550 B
775 B

50ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/713/1-2/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/713/1-2/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Thu, 29 Jul 2021 05:56:40 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OVKdHidPzNtJv-1GXFm7dMVKhv8VEoP6Vo8QpnkspGNCCI8ZLvjiFQ==
age: 54275

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
location: https://preferences-mgr.truste.com/token/713/1-2/
content-length: 0
date: Thu, 29 Jul 2021 21:01:15 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/ Frame 2A87
Redirect Chain

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.25661617086233557
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW&aboutads_sess=ACi0TCifN4kDU6v681VQlsYbUpT...
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW&aboutads_sess=ACi0TCifN4kDU6v681VQlsYbUpTl...
https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/

622 B
845 B

150ms
150ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 0f06a24e50f3b15d08a16ef4c8e05d8f6e1154d8422c424757872b905559ccf9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 622
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 5Y2o8UGwvWoo5m2WImyWoamcwc1eOsPy2anroSQkV9-Mb1UYrdtDbA==

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Jul 2021 21:01:15 GMT
location: https://preferences-mgr.truste.com/token/804/2/AFT-j8gAAAAAYQMeI6cHeu56oNX4DmdQHrsS4gtJS-CW/
report-to: {"group":"AdsSettingsUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AdsSettingsUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/AdsSettingsUi/cspreport script-src 'report-sample' 'nonce-pTe0B2sbcGxFYfLi+ow8mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AdsSettingsUi/cspreport;worker-src 'self' script-src 'nonce-pTe0B2sbcGxFYfLi+ow8mg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/AdsSettingsUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin-allow-popups; report-to="AdsSettingsUi"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: aboutads_sess-948795759=ACi0TCifN4kDU6v681VQlsYbUpTlPTD65Hte-4ziIHTXxcb9aoptmRzEVhXqTxYC-D9HAR743-PE; Path=/ext/nai/; Secure; HttpOnly; SameSite=none NID=220=A_V0OzkyGqPpeBw8e8k3HYITIFAQfD7hTeeotmPucBC6Sd9tfhGmcza3kGizpg9y6CTRN1LNLMmhnAdmtQIu9z2HA_vVOlbS9e5Z2J2YjrhOOet8CLITeHKpuOQAqY4uR-5JphoqkcOWU19Yt3XaC3eGYeQRmtuZm58NObnfeq8; expires=Fri, 28-Jan-2022 21:01:15 GMT; path=/; domain=.google.de; Secure; HttpOnly; SameSite=none CONSENT=PENDING+345; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.de; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/ Frame 00BA
Redirect Chain

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.3127931350743276
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

546 B
771 B

51ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/407/1/c452458f4e50cdf9c8a1338016a6289d/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 29 Jul 2021 13:40:25 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VNX49rxAVmr8B42higZrDysv_vbQNYDPp_GSyBa3NVryU8KTn1wbGg==
age: 26450

Redirect headers

Server: nginx
Date: Thu, 29 Jul 2021 21:01:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: ub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
Location: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

GET
H2

200

0 Show response
preferences-mgr.truste.com/token/519/1/ Frame DF67
Redirect Chain

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6453374273086234
https://preferences-mgr.truste.com/token/519/1/0

536 B
761 B

51ms
51ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/519/1/0
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/519/1/0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 536
date: Thu, 29 Jul 2021 04:37:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: YdzCzWE6AznFvCpbUrqEI9heUChNaokuzBxwXmhaLTZWClcOZIAyTw==
age: 59042

Redirect headers

Server: nginx
Date: Thu, 29 Jul 2021 21:01:15 GMT
Content-Length: 0
Connection: keep-alive
Location: https://preferences-mgr.truste.com/token/519/1/0
Set-Cookie: btpstkn=pClCW_sXAcEr9KZrjXdjMQAAAXr0EkJF;Version=0;Comment=;SameSite=None;Domain=.s.thebrighttag.com;Secure
X-BT-RequestId: 1cbde750-f0b0-11eb-92c3-0000ac150af2
P3P: CP=NOI DSP COR NID

GET
H2

200

adelphic Show response
preferences-mgr.truste.com/token/642/1/ Frame 11B9
Redirect Chain

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.9472526346084758
https://preferences-mgr.truste.com/token/642/1/adelphic

550 B
776 B

51ms
51ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/642/1/adelphic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Thu, 29 Jul 2021 08:09:47 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: tOFM0IwjK54KGQyXdp7XVF9LaACKOPbqwbhbdiX1eWyqzkVXvBkQuQ==
age: 46288

Redirect headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/642/1/adelphic
server: Apache-Coyote/1.1
p3p: CP="NOI PSA OUR"

GET
H2

200

0b9490d1f38e Show response
preferences-mgr.truste.com/token/574/2/ Frame 47BD
Redirect Chain

https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8559045253047648
https://preferences-mgr.truste.com/token/574/2/0b9490d1f38e

558 B
791 B

52ms
52ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/574/2/0b9490d1f38e
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 8dec14782b923cc6c03f1dddf55354b92f4292d0ad14777f0c645e2a7f7c68e2

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/574/2/0b9490d1f38e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Thu, 29 Jul 2021 12:20:16 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: O6fHMU-wW2f38U1sMsNfAv-CUf57Avvx4kBwLYou-iYlLLkzW-Y_Tg==
age: 31259

Redirect headers

content-type: text/plain
Date: Thu, 29 Jul 2021 21:01:15 GMT
location: https://preferences-mgr.truste.com/token/574/2/0b9490d1f38e
p3p: We do not support P3P; our privacy policy is at https://www.beeswax.com/privacy.html
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 15
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/ Frame ABC9
Redirect Chain

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8272116159343907
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

574 B
798 B

51ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/718/1/dG9rZW4tYm9tYm9yYQ==/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 574
date: Thu, 29 Jul 2021 09:36:24 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: sHfxPYC3D73Q7hs_B0SbsmXFXYn9nFqjcRPO7CatJimNSX0Y2g2MXg==
age: 41091

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Jul 2021 21:01:15 GMT
Expires: 0
Location: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
P3P: CP="ALL DSP COR NID"
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 185
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/762/1-0/ Frame 0B50
Redirect Chain

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.018352991163515187
https://preferences-mgr.truste.com/token/762/1-0/

550 B
775 B

54ms
54ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/762/1-0/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/762/1-0/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Thu, 29 Jul 2021 12:31:55 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: pIRqt3KgYY3WulBrRfHmP3jSQ3I2s63N0ybQIPL_BJ_qpHOufrNHNA==
age: 30560

Redirect headers

Content-Length: 0
Connection: keep-alive
Date: Thu, 29 Jul 2021 21:01:15 GMT
trace-id: 947b16cd4a689afe
Vary: Origin
Location: https://preferences-mgr.truste.com/token/762/1-0/
X-Cache: Miss from cloudfront
Via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: -S5EQ-rRk6ATkYubl6XEgLD-tPEtlU03AnmCCyAgq37QUtPfQAhmCg==

GET
H2

200

mtgOj5dmlrXBYn33ci5wYLCOJ Show response
preferences-mgr.truste.com/token/745/1/ Frame 1417
Redirect Chain

https://casalemedia.com/privacy/optout?action_id=3&participant_id=745&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9023505674976078
https://preferences-mgr.truste.com/token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ

584 B
810 B

153ms
152ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 19aa34f68fab8b539ea06a12b2e6c78f9631c87ac76c4eeabfa0747affbddc13

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 584
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: cQ_alI3dIvgLjqmN-TEObhCcFORTOxRAcLhlWSIQoYKv6PNjQDO52A==

Redirect headers

content-type: text/html
date: Thu, 29 Jul 2021 21:01:15 GMT
location: https://preferences-mgr.truste.com/token/745/1/mtgOj5dmlrXBYn33ci5wYLCOJ
p3p: NOI DSP COR DEVa TAIa OUR BUS UNI
content-length: 0

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/ Frame DB7A
Redirect Chain

https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.34047993487089157
https://preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/

554 B
779 B

151ms
151ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 84996f621223631b4456dda9b9decd3113c4499ae3e6c56b480fc19fc7078f54

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/454/1/AZFXIEUHBQ/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: J_V3TA-gOSenX_JZqKc2X8JcXT0x1Mcc-kaRq2D7m8zCbgjLw09N3w==

Redirect headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Server: Apache
Strict-Transport-Security: max-age=3600;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Set-Cookie: token=AZFXIEUHBQ; path=/; domain=.media.net; secure; SameSite=None
Location: https://preferences-mgr.truste.com/token/454/1/AZFXIEUHBQ/
Content-Length: 0
Keep-Alive: timeout=2, max=111
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set nai.php Show response
www.mathtag.com/ Frame C6B8 281 B
785 B 142ms
141ms Document
text/html 74.121.140.207
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3518662351316155
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.140.207 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 394501285db9fa9e4178a4e81181331254b1541bc64ec10050eb58c48052d1d6

Request headers

Host: www.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx
Date: Thu, 29 Jul 2021 21:01:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 237
Connection: keep-alive
Keep-Alive: timeout=360
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: PHPSESSID=tcge0faa9nekpa91vi47oqo071; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/755/3/ Frame 6980
Redirect Chain

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6263222309880192
https://preferences-mgr.truste.com/token/755/3/

546 B
771 B

50ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/755/3/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/755/3/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 29 Jul 2021 07:56:07 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: hfHEDzLGLIbHTAdKt1LCALZ8vt9tlRbKZFo9nw4TbvGSr1ZSWIor9w==
age: 47108

Redirect headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/755/3/
server: nginx/1.12.1
expires: Mon, 1 Jan 1990 12:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: opt_out=1; Domain=.postrelease.com; Expires=Wed, 29-Jul-2026 21:01:15 GMT; Path=/; Secure; SameSite=None;

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/765/1/1627592475/ Frame 5926
Redirect Chain

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.06829093920304041
https://preferences-mgr.truste.com/token/765/1/1627592475/

554 B
779 B

152ms
151ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/765/1/1627592475/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4f2039be8cc7cc63909e39af84cf3aa23a41c82274315bede158840a81cba2fe

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/765/1/1627592475/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KRtTPI-VDxz5JmdZUeEKaLju4SVknwoSyqri8MuGkpL0rceJ6Z1u-Q==

Redirect headers

server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://preferences-mgr.truste.com/token/765/1/1627592475/
date: Thu, 29 Jul 2021 21:01:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

no-token Show response
preferences-mgr.truste.com/token/591/1-1/ Frame CE44
Redirect Chain

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.8313142536144285
https://preferences-mgr.truste.com/token/591/1-1/no-token

554 B
778 B

55ms
55ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/591/1-1/no-token
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/591/1-1/no-token
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Thu, 29 Jul 2021 14:00:27 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: G5SIBgz4xFtYiJAQMYmQjlHrBNUm8GH-daboW-_QL833jXeYbE1_Hw==
age: 25249

Redirect headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/591/1-1/no-token
Content-Length: 0
Content-Type: text/html
Expires: Thu, 29 Jul 2021 21:01:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Jul 2021 21:01:15 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set optout.jsp Show response
apps.pubmatic.com/ Frame 06E0 788 B
1 KB 210ms
209ms Document
text/html 104.36.113.45
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.921897669169309
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.45 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027

Request headers

Host: apps.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: route=c4132e5e425bed314bc507d329fdc75a; Max-Age=86400; Path=/; HttpOnly JSESSIONID=BD66EC7CDCACF26960E3B8E19572BD3D; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST
Access-Control-Allow-Headers: X-Forwarded-For, X-app123-XPTO
Content-Encoding: gzip

GET
H2

200

EArUFSWRzVUq Show response
preferences-mgr.truste.com/token/422/1/ Frame 22FC
Redirect Chain

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.33741181282854926
https://preferences-mgr.truste.com/token/422/1/EArUFSWRzVUq

558 B
784 B

154ms
153ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/422/1/EArUFSWRzVUq
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 6ac73beb204cf677c039f284f52b988dc3f1c997465005cad53b9bfa75229df6

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/422/1/EArUFSWRzVUq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: lyaV0hrvn7YCLoQNXwR-C17MUBR8xClNOfdL6N9STXZxAYXEdOc9bw==

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://preferences-mgr.truste.com/token/422/1/EArUFSWRzVUq
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=af9435600fc718d3; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/ Frame 6087
Redirect Chain

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.18795234453155785
https://preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/

588 B
812 B

153ms
153ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 410f8a8179290466299f6eaf908342c45bd907374f8c9a0d417958352c50e970

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/806/1-0/O021384551231627592475199/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 588
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Ve9TqY262Hcka6mdezleYFQ3h_K38-4ORz2PK7MLuTk6pymKneTJwg==

Redirect headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://preferences-mgr.truste.com/token/806/1-0/O021384551231627592475199/
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

f07cffc6-0d25-4285-bcd8-3deef26020f8 Show response
preferences-mgr.truste.com/token/758/1-0/ Frame F663
Redirect Chain

https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4897444374563291
https://preferences-mgr.truste.com/token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8

610 B
835 B

152ms
152ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 2421c837293ecd73e03768eb916e9356b683784c1e5eaa56998f184982718a89

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 610
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: _0NoUPq9IKMPLGkZ6Ou_TgN6NEzVN00hH3At18dN-Y5Urd-v2Em_9w==

Redirect headers

p3p: CP="This is not a P3P policy! See http://marketing.rakuten.com/faq-privacy-policy-changes for more info."
x-robots-tag: noindex, nofollow
expires: Tue, 01 Jan 2001 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: mf_token=f07cffc6-0d25-4285-bcd8-3deef26020f8; Domain=mediaforge.com; Path=/; Secure; SameSite=None
location: https://preferences-mgr.truste.com/token/758/1-0/f07cffc6-0d25-4285-bcd8-3deef26020f8
content-language: en-US
content-length: 0
date: Thu, 29 Jul 2021 21:01:14 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

90ef8a48-ef2d-496e-bd39-dc90cad1a484 Show response
preferences-mgr.truste.com/token/759/1-0/ Frame 0750
Redirect Chain

https://optout.nxtck.com/nai/nextperf/optout?action_id=3&participant_id=759&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3832174760044449
https://preferences-mgr.truste.com/token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484

610 B
835 B

150ms
150ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: fb2d0335b96fc76dbdd22b363289104c3d3cbcf93018b03c22c97251690e8d3e

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 610
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PH9lL0Fvr-PWwq76iatiG9TQdj13MiqLSh2YD-4nZZ0yX9H_4cdffA==

Redirect headers

p3p: CP="This is not a P3P policy! See http://marketing.rakuten.com/faq-privacy-policy-changes for more info."
x-robots-tag: noindex, nofollow
expires: Tue, 01 Jan 2001 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nextperf_token=90ef8a48-ef2d-496e-bd39-dc90cad1a484; Domain=nxtck.com; Path=/; Secure; SameSite=None
location: https://preferences-mgr.truste.com/token/759/1-0/90ef8a48-ef2d-496e-bd39-dc90cad1a484
content-language: en-US
content-length: 0
date: Thu, 29 Jul 2021 21:01:14 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

203103427 Show response
preferences-mgr.truste.com/token/831/1-1/ Frame 448E
Redirect Chain

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.5473292560066407
https://preferences-mgr.truste.com/token/831/1-1/203103427

556 B
782 B

152ms
151ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/831/1-1/203103427
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 7dae1cb5f95934b6f1fd5cfa9deab8bf94ab6cb861a2b9df15bc55bd68ba6a55

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/831/1-1/203103427
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vk_bKIRDZPfuzxSbEKvp72E6qwZIfyr1MtHUdry1j3Sqje6qPdbEiw==

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Jul 2021 21:01:14 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://preferences-mgr.truste.com/token/831/1-1/203103427
P3P: policyref="http://w55c.net/w3c/p3p.xml", CP="DSP NOI COR"
Pragma: no-cache
Server: PixelTracking/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/835/1/42/ Frame 9988
Redirect Chain

https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.09505652930721231
https://preferences-mgr.truste.com/token/835/1/42/

538 B
760 B

51ms
51ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/835/1/42/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/835/1/42/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 538
date: Thu, 29 Jul 2021 03:30:44 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 4pnL262L2k2IBc61nzjoHNQ304x0VTXk-aV26UdSp5ytpuirxe0LFA==
age: 63031

Redirect headers

content-length: 0
location: https://preferences-mgr.truste.com/token/835/1/42/
date: Thu, 29 Jul 2021 21:01:15 GMT
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
apigw-requestid: DQCMSiPPIAMESjQ=
x-cache: Miss from cloudfront
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4X4iJnV_bfKegn7CcPkOyOe04D2izyXVRVCSLkaX4LC1cOBppLRUQg==

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/742/1/ Frame 181D
Redirect Chain

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.7480865920852773
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com
https://preferences-mgr.truste.com/token/742/1/

546 B
770 B

51ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/742/1/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/742/1/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 29 Jul 2021 13:27:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 14cW76KdD6MEgyWAeFe0zmF9vPlmkDD2Ps8iyK3E6RIUZ_dhXnp0ZA==
age: 27242

Redirect headers

Server: nginx
Date: Thu, 29 Jul 2021 21:01:15 GMT
Content-Length: 0
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://preferences-mgr.truste.com/token/742/1/
X-Powered-By: raptor-daa
X-Sovrn-Pod: ad_ap7ams1

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/ Frame 8692
Redirect Chain

https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.34269665946636674
https://preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/

606 B
829 B

51ms
50ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 495add115f5762d690c4f9fc3fd8ea80a7f46484901ac04947cb5fecfa6d5baa

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Thu, 29 Jul 2021 20:49:53 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: G7sVc0B59NUlpqpZOCjMG0d-n_cazlZy5KkG6_o_-EUz4bijmqejTQ==
age: 683

Redirect headers

content-type: text/html;charset=UTF-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
location: https://preferences-mgr.truste.com/token/375/1/db061f97-7b19-34ce-9de2-d2ee76676412/
content-length: 0
x-envoy-upstream-service-time: 1
date: Thu, 29 Jul 2021 21:01:15 GMT
server: istio-envoy
connection: close

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/ Frame F0EC
Redirect Chain

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.05070899648736171
https://preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/

606 B
831 B

151ms
151ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 0d7752f97f73af016f148f80d669b03f320972b9ef3a8b5a23fea3da9d5017ce

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: mEexk2eU8RRTf8zFmgQ0NS8zi3-y3hML3xDSuqBkgsyqZWdTw8diTQ==

Redirect headers

location: https://preferences-mgr.truste.com/token/428/1/44da6e22-99c7-49f6-9a7a-9dc00f498175/
strict-transport-security: max-age=31536000
content-length: 0
date: Thu, 29 Jul 2021 21:01:15 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

jKfD4zdBdc Show response
preferences-mgr.truste.com/token/366/1-0/ Frame 5D47
Redirect Chain

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.012564223476042136
https://preferences-mgr.truste.com/token/366/1-0/jKfD4zdBdc

558 B
782 B

177ms
177ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/366/1-0/jKfD4zdBdc
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 2121ef2df19607e5ab111e8de9f4d838258812529ff531e2542407d5a83d9b64

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/366/1-0/jKfD4zdBdc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yZzs2-aka391ahwqFyu3_r0kV2aK-zmKbH2YR7t-W8SQwfufdVDHAQ==

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Location: https://preferences-mgr.truste.com/token/366/1-0/jKfD4zdBdc
content-length: 0
set-cookie: jKfD4zdBdc=1; Max-Age=3600; Expires=Thu, 29 Jul 2021 22:01:15 GMT; Path=/; Domain=.rubiconproject.com; Secure; SameSite=None

GET
H2

200

3cq9 Show response
preferences-mgr.truste.com/token/770/1-0/ Frame 2FE0
Redirect Chain

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.6082542634005796
https://preferences-mgr.truste.com/token/770/1-0/3cq9

546 B
771 B

174ms
174ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/770/1-0/3cq9
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e385ea7c31566e5ac19a795268fcc4d94015532f5ef5204e16cac2e4cce02f34

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/770/1-0/3cq9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VWHr1D5ad0lT5bFNfJDLIV17iRL_2_-jNW6wirIqCXAPKYkSwa7sTQ==

Redirect headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-type: text/html; charset=utf-8
content-length: 76
location: https://preferences-mgr.truste.com/token/770/1-0/3cq9
p3p: CP="NOI OUR BUS UNI COM NAV"
strict-transport-security: max-age=63072000; includeSubDomains
server

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/ Frame 1CE8
Redirect Chain

https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2173208813837748
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/

606 B
838 B

51ms
51ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Wed, 28 Jul 2021 22:00:37 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 06bQCDndtabvdepEi7mjf4K7mlvN817INXWWLWHi1oldLoGGE0t4hw==
age: 82838

Redirect headers

date: Thu, 29 Jul 2021 21:01:15 GMT
location: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
server: nginx/1.19.6
vary: Accept-Encoding
content-length: 0

GET
H2

200

csrf Show response
preferences-mgr.truste.com/token/747/1-0/ Frame CD35
Redirect Chain

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28682361798162304
https://preferences-mgr.truste.com/token/747/1-0/csrf

546 B
771 B

51ms
51ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/747/1-0/csrf
Requested by: Host: app.discover.commvault.com
URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAF-kmq6d9wnxH63XfUNXJk7pZRczLMObBpYdQ08GSwK7IS93Ih6hamRu8nHVqxudenEr9B8mtI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/747/1-0/csrf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Thu, 29 Jul 2021 09:46:23 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gBXrNXqApZSB0TVI5YuQ0IXIJpKjcYxv55kAnPbq01xTWN8oW7YNIg==
age: 40492

Redirect headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Location: https://preferences-mgr.truste.com/token/747/1-0/csrf
P3P: CP="This is not a valid P3P header"
Content-Length: 0
Connection: keep-alive

GET
H2 200 6mv9d8mhh2p7.json Show response
embeds.driftcdn.com/embeds/ Frame F4C4 170 KB
20 KB 54ms
53ms XHR
application/json 13.224.193.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/6mv9d8mhh2p7.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cab253317091b70a26f8c1346bf32ba2db1b22932ac8eb6e8c61c84e85f8e5ff

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:09 GMT
content-encoding: gzip
age: 6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 16:16:52 GMT
server: AmazonS3
etag: W/"c4e8106881d134a760996188dc278c7e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UNLTVa7SI1w2AAd7e879hcqj6z6rGGqy6CdVZZja_eyHSdtkYBMgZQ==

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/ Frame C6B8
Redirect Chain

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ftcge0faa9nekpa91vi47oqo071%2F
https://preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/

590 B
816 B

151ms
151ms

Document
text/html

13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/
Requested by: Host: www.mathtag.com
URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3518662351316155
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: ac446478190f57e1318e7127722958b26631ae32f7e3d3b54c0fc81c01c1227f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/807/1-1/tcge0faa9nekpa91vi47oqo071/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3518662351316155
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3518662351316155

Response headers

content-length: 590
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nwbEMovlM9tnqCJ1JwbnLkwC5lNLDqzEWMOIkG371Ky7bHhKZrL63A==

Redirect headers

Content-Type: image/gif
Content-Length: 0
Server: MT3 3810 5cb7d7e master cdg-pixel-x5
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/807/1-1/tcge0faa9nekpa91vi47oqo071/
Expires: Thu, 29 Jul 2021 21:01:11 GMT
Date: Thu, 29 Jul 2021 21:01:15 GMT
Connection: keep-alive

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 56A9 4 KB
4 KB 50ms
50ms Image
image/png 13.224.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A6C9AB4BABD0AA264932340B351BAFB2.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-79.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=pl&locale=en&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:57:42 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 06:36:40 GMT
server: nginx
age: 83017
etag: W/"4197-1622097400000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: D6bCeU10pE8Q2FUi3c4SegR_-mqyDyYEgY006105JHcEXR0FxYKeJA==

GET
H2 200 optout.js Show response
cdn.pubmatic.com/mgmt/javascripts/ Frame 06E0 9 KB
4 KB 68ms
68ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubmatic.com/mgmt/javascripts/optout.js

Requested by

Host: apps.pubmatic.com
URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.921897669169309

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-180.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.pubmatic.com

Request headers

Referer: https://apps.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.pubmatic.com
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 05:14:03 GMT
server: Apache
etag: "7e0375-257c-5c7871f4df7c5"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172800
date: Thu, 29 Jul 2021 21:01:15 GMT
accept-ranges: bytes
content-type: text/javascript
content-length: 3858
expires: Sat, 31 Jul 2021 07:47:29 GMT

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
ad.amgdgt.com/ads/js/ Frame E93A 94 KB
94 KB 146ms
145ms Script
application/javascript 52.3.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery-1.11.1.min.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.52.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-52-82.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:14 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 95786
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.cookie.js Show response
ad.amgdgt.com/ads/js/ Frame E93A 3 KB
3 KB 137ms
135ms Script
application/javascript 52.3.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery.cookie.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.52.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-52-82.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 3128
Content-Type: application/javascript

GET
H/1.1 200
OK optout.js Show response
ad.amgdgt.com/ads/js/ Frame E93A 22 KB
22 KB 243ms
243ms Script
application/javascript 52.3.52.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/optout.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.52.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-52-82.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 21:01:14 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 22414
Content-Type: application/javascript

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame F4C4 6 KB
2 KB 367ms
367ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

545abf1f20e3a95dda703a36ba3859a6073790ca731040fc0bd0365298fc408a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-encoding: gzip
server: istio-envoy
requestid: 6ddf5c9414f19fac
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 219
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2424
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 / Show response
preferences-mgr.truste.com/token/420/1/qnXXEVRbj460Zvp0ZKTUiuUSGsLHre8WuFEx/ Frame 06E0 606 B
831 B 151ms
151ms Document
text/html 13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/420/1/qnXXEVRbj460Zvp0ZKTUiuUSGsLHre8WuFEx/
Requested by: Host: cdn.pubmatic.com
URL: https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 749e029b351c0635421937357a3e18f89efa39dc8beccd940b7d6cd29c82c95b

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/420/1/qnXXEVRbj460Zvp0ZKTUiuUSGsLHre8WuFEx/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apps.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://apps.pubmatic.com/

Response headers

content-length: 606
date: Thu, 29 Jul 2021 21:01:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gPthgAdNYAbjsBW8lr-zO6kvnb1yOfHV7fU1hqDDQj7swKE3Ou5XHA==

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame E93A
Redirect Chain

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-1014628979%26pf%3Damg%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-1014628979&pf=amg&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
398 B

7ms
7ms

Image
image/gif

2600:9000:21f3:9c00:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9c00:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 14:18:40 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 2184156
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: GstDgM5HnJWdApyK_a07o25eaEcON9OrDVF0EIyK6A-PjFsZrSY_qg==
expires: Tue, 03 Aug 2021 14:18:40 GMT

Redirect headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame E93A
Redirect Chain

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D3152634554372587520%26pf%3Dturn%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=3152634554372587520&pf=turn&st=t
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
399 B

6ms
6ms

Image
image/gif

2600:9000:21f3:9c00:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9c00:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 14:18:40 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 2184155
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 9gyD_NwbtVUcXVGPDBqDAhVILFFKTBk6oO1Vb2HrirLypmYka5stAA==
expires: Tue, 03 Aug 2021 14:18:40 GMT

Redirect headers

Date: Thu, 29 Jul 2021 21:01:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame E93A
Redirect Chain

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-4427505794866479104%26pf%3Dvid%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-4427505794866479104&pf=vid&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

6ms
6ms

Image
image/gif

2600:9000:21f3:9c00:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.8453537416308201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9c00:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 14:18:40 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 2184156
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: w5wxuT1Kyci1OLxKh6cRQMV3JSFGcrRN8HXsN_xsDHdOI0aX5WjyYA==
expires: Tue, 03 Aug 2021 14:18:40 GMT

Redirect headers

Date: Thu, 29 Jul 2021 21:01:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 6mv9d8mhh2p7 Show response
targeting.api.drift.com/hours/availability/combined/ Frame F4C4 46 B
133 B 177ms
177ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/6mv9d8mhh2p7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

c45a37dfe44d39427cc8f1bca159f4e5f87756d285e752dde2ac1519fbe98608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
server: istio-envoy
requestid: f91f224c668b79ba
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 46
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 track Show response
event.api.drift.com/ Frame F4C4 850 B
1 KB 143ms
142ms XHR
application/json 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

6e26dedab9d45f38b7a6ecbfcdd2a53281d5f40b2b6501f58100883e263e298a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
requestid: 73a2fab0a6469e93
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 850

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F4C4 17 KB
6 KB 52ms
52ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6mv9d8mhh2p7&region=US&forceShow=false&skipCampaigns=false&sessionId=668f99b4-1725-43ec-8a96-431fb1116ec3&sessionStarted=1627592474.375&campaignRefreshToken=fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99&hideController=false&pageLoadStartTime=1627592472760&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 1914188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dBsiXJWEJOnhXC4Uho7YVo0ZGMSxh3LHEf44_y8jQZEWddcSaXFxmw==

OPTIONS
H2 200 6mv9d8mhh2p7
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/6mv9d8mhh2p7

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: driftf577c6a45b9ac8f29c3f47acf75
content-length: 18
x-envoy-upstream-service-time: 0
server: istio-envoy

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 142ms
141ms Preflight
text/plain 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:15 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift4de66704696ae62165936964273

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5366 17 KB
6 KB 51ms
50ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.87ffda71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1627592472760
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 1914189
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lK0wTwbQUPue9Hi9xhLjBaeqvX70pGMnQCQAaMIqUmVeoufmUX_myw==

GET
H2 200 / Show response
preferences-mgr.truste.com/token/636/2/80458252014835411889/ Frame E93A 574 B
799 B 153ms
152ms Document
text/html 13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/636/2/80458252014835411889/
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/js/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 10bf6d88f678b1373a6b9f455d934a0c12485b1f7c8fe73c7387147e505050af

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/636/2/80458252014835411889/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.amgdgt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.amgdgt.com/

Response headers

content-length: 574
date: Thu, 29 Jul 2021 21:01:16 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: T5fGaqiujkn1p3xNnoUnQ9Bdnwo0idG_wrXswYwxYXdkuqZYh4PAzg==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5366 4 KB
643 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~53ca99a6.6f613f66.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 20:42:46 GMT
server: ESF
date: Thu, 29 Jul 2021 21:01:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 21:01:16 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 5366 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 268506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 5366 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 243369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame F4C4 3 KB
1 KB 153ms
153ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

68d56da289c4d2fb5217a01a2df03c27747843c4bc6a933a4a0e7cc4a83e69af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
content-encoding: gzip
server: istio-envoy
requestid: 258331e6c6d5a286
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1048
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift28cdc65444d9b92bb4dc0c457a4
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 render_initial Show response
flow.api.drift.com/flows/ Frame F4C4 6 KB
3 KB 194ms
194ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a3375b094825ba9422d6371cd337c3103fa8ebfc140c851f8da97437da65f434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
content-encoding: gzip
server: istio-envoy
requestid: b700eac0bb06fa23
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2662
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 render_initial
flow.api.drift.com/flows/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift06d74aa4309be64e2f550b73430
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame F4C4 0
36 B 156ms
155ms XHR
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:17 GMT
server: istio-envoy
requestid: 91a75746395496b
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift928a62a43399307ad3b67ecdf36
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1508015%252F0cad8da9f1058994087bcb6aa3eabda35n3b5k62h8cn%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame F4C4 18 KB
18 KB 8ms
7ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1508015%252F0cad8da9f1058994087bcb6aa3eabda35n3b5k62h8cn%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Df1501ae066f9c2e191f7fe20801b31ed?fit=max&fm=png&h=200&w=200&s=24d7f3f0a60f1844f594482819093f9b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2495b7f9fe3d3877311f0f1f33bbf8543127014e9853188963db69af1e112530

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 21:01:16 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Fri, 23 Jul 2021 21:19:24 GMT
server: imgix
age: 517313
x-cache: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 76c9441325afa7c442c2de516fd0bfafac797621
accept-ranges: bytes
content-length: 18432
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-sjc10061-SJC, cache-fra19157-FRA

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame F4C4 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 268506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=834367414&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.commvault.com%2Fransomware%2Fbundles%3Futm_source%3Dconnections%26utm_medium%3Demail%26utm_campaign%3Dconnections-newsletter%26mkt_tok%3DMDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit&dr=http%3A%2F%2Fapp.discover.commvault.com%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Bundles%20%7C%20Commvault%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202329629&_u=aHDACEAjBAAAAC~&jid=&gjid=&cid=452186092.1627592473&tid=UA-2378635-1&_gid=1886509706.1627592473&gtm=2wg7s05KRLQJ&z=176565276

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 08:23:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame F4C4 25 B
88 B 168ms
168ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:17 GMT
server: istio-envoy
requestid: 719ac9e21bb5a1e9
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:17 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift05968aa48618bbfc9156ae5b94e
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame F4C4 25 B
84 B 150ms
150ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTY1MDExMzgzNTM4NDgzMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzE4NzQiLCJleHAiOjE2NTkxMjg0NzUsImlhdCI6MTYyNzU5MjQ3NX0.h3zjL9_7KSqRfxOz_XO1FsnWTS1LrLd-_snenendzysjiWio3yoo0Vw6JVtSw7Ml4MI6rrs5izxFlRelTnzUvQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jul 2021 21:01:20 GMT
server: istio-envoy
requestid: 39f69e448b134b13
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 149ms
149ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Jul 2021 21:01:20 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift75f7f02494296616dc43eb23590
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H/1.1 200
OK 3acf0cefe0 Show response
bam.nr-data.net/events/1/ 24 B
184 B 153ms
153ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/3acf0cefe0?a=242412381&v=1210.e2a3f80&to=YlYAbBdQWEEHUBJbWFscI1sRWFlcSUMHVVI%3D&rst=12209&ck=1&ref=https://www.commvault.com/ransomware/bundles
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.commvault.com/ransomware/bundles?utm_source=connections&utm_medium=email&utm_campaign=connections-newsletter&mkt_tok=MDk3LVVHTC03NDkAAAF-kmq6d_VmhuCGylkpL5lSOjZIFrAsDjKZJZ4nZbye4RUd8dKVB6nKZet0vYzV5FVYzF2f4dkVgHMjE1L2OtuzB5OXMPE8SrbLXvHdfrfBVQi6XKit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.commvault.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prefmgr-cookie.truste-svc.net/	1970-01-19 20:06:32	Name: cookie_3rdparty Value: enabled
.discover.commvault.com/	1970-01-19 20:06:34	Name: __cf_bm Value: 0855fb984b95995238e2746b824b4cb249a97733-1627592473-1800-AehGGXlfUSYOsKwVB8A81ZN59/y8iFyQCT/Trcte3cBfaQt5ra5TMMwbWZVN6DxiP7mAIDmfMz/TCpsSli+X3O8=
.commvault.com/	1970-01-19 20:06:32	Name: _gat_UA-2378635-1 Value: 1
.commvault.com/	1970-01-20 04:52:08	Name: _biz_nA Value: 9
www.commvault.com/	1970-02-25 08:06:32	Name: tbw_bw_sd Value: 1627592474
.commvault.com/	1970-01-19 22:16:08	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241627592472%3A78.39585147%3A%3A20_0%2C5_0%2C4_0%3A4_0%2C3_0%3A0
www.commvault.com/	1970-01-23 11:42:32	Name: _ccmsi Value: 1627592473376_75jgxub97\|1627592473376
.commvault.com/	1970-01-19 20:06:32	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 05:28:08	Name: IDE Value: AHWqTUnUKbGFogJSX829moIwoi71ZtVp2hRt5YXV3O3t3bwpIPAhu-dz8CPfd8JV
www.commvault.com/	1970-01-19 20:06:34	Name: drift_campaign_refresh Value: fbc5f5df-f412-4e7e-b9f6-2de7d6b22e99
.commvault.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.commvault.com/	1970-01-20 13:37:44	Name: _ga Value: GA1.2.452186092.1627592473
.commvault.com/	1970-01-19 20:07:58	Name: _gid Value: GA1.2.1886509706.1627592473
discover.commvault.com/	1969-12-31 23:59:59	Name: BIGipServersj16web-nginx-app_https Value: !RctPnrN+/Kix1Z+7iv4ewrP5TPDRs25rKZH2raXVMj2xGJzrujEs8CqJaZtUd/582LrVO4XLX9Zh2L4=
.commvault.com/	1970-01-19 20:06:34	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.commvault.com/	1970-01-23 11:42:32	Name: _vwo_uuid Value: D7B11A576A137143A04D432D90F32F0B7
www.commvault.com/	1970-02-25 08:06:32	Name: tbw_bw_uid Value: bito.AADyHE7CBi4AAFnj5Z_b-A
.commvault.com/	1970-01-20 04:52:08	Name: _biz_ABTestA Value: %5B1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%2C1513314%5D
.commvault.com/	1970-01-19 22:30:32	Name: _vis_opt_s Value: 1%7C
.commvault.com/	1970-01-20 04:52:08	Name: _biz_uid Value: a230632db28b430186fd583ae7a86b44
.commvault.com/	1970-01-20 04:52:08	Name: _biz_pendingA Value: %5B%5D
www.commvault.com/	1970-01-19 20:06:34	Name: _sp_ses.4f2f Value: *
.commvault.com/	1970-01-19 22:30:32	Name: _vis_opt_exp_164_combi Value: 1
.commvault.com/	1970-01-19 20:06:34	Name: _biz_sid Value: 1f1c50
www.commvault.com/	1970-01-20 13:37:44	Name: _sp_id.4f2f Value: 96f88707-6073-490e-8c46-331a030b0e83.1627592474.1.1627592474.1627592474.f8667e11-67b8-443d-9375-ba65d3e37e7a
.commvault.com/	1970-01-19 22:16:08	Name: _gcl_au Value: 1.1.36974826.1627592473
.commvault.com/	1970-01-20 04:52:08	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.commvault.com/	1970-01-20 04:53:34	Name: _vwo_uuid_v2 Value: D7B11A576A137143A04D432D90F32F0B7\|4bfeb0dc32903a74f50e8e3ceb15d25f

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23(Line 1) Message: tbwlog: %c The following parameters were collected from the page color:green
console-api	log	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23(Line 1) Message: [object Object]
console-api	log	URL: https://www.commvault.com/wp-content/themes/commvault/dist/js/marketo.1ca58da0f50111442728.js(Line 1) Message: Marketo.init()
console-api	log	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23(Line 1) Message: tbwlog: %c Got response from Beeswax. Setting tbw_bw_uid color: green
console-api	log	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23(Line 1) Message: tbwlog: %c The following parameters were sent to the collector color: green
console-api	log	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?23(Line 1) Message: [object Object]
console-api	info	URL: https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 371 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10302056.fls.doubleclick.net
ad.amgdgt.com
ad.wsod.com
adservice.google.com
adservice.google.de
adssettings.google.com
adssettings.google.de
analytics.twitter.com
ap.lijit.com
app.discover.commvault.com
apps.pubmatic.com
apt.techtarget.com
assets.ubembed.com
bam.nr-data.net
bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
bh.contextweb.com
bootstrap.api.drift.com
casalemedia.com
cdn.amgdgt.com
cdn.bizible.com
cdn.bizibly.com
cdn.pubmatic.com
com-thebigwillow-prod1.collector.snplow.net
commvault.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
consent.truste.com
d26x5ounzdjojj.cloudfront.net
dev.visualwebsiteoptimizer.com
discover.commvault.com
driftt.imgix.net
embeds.driftcdn.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.w55c.net
ingest.tidaltv.com
jadserve.postrelease.com
js-agent.newrelic.com
js.driftt.com
marketo.clearbit.com
match.prod.bidr.io
metrics.api.drift.com
ml314.com
munchkin.marketo.net
my.ipredictive.com
nai.sharethis.com
oba.media.net
optout-service.unrulymedia.com
optout.bigsea.weborama.com
optout.mediaforge.com
optout.nxtck.com
optout.prod.bidr.io
optout.steelhousemedia.com
optout.thrtle.com
pixel.mathtag.com
pixel.mintigo.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
preferences-mgr.truste.com
prefmgr-cookie.truste-svc.net
privacy.tapad.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
r.turn.com
s.thebrighttag.com
segments.company-target.com
sentry.io
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
t.co
tags.srv.stackadapt.com
targeting.api.drift.com
tracker.mrpfd.com
tracking.intentsify.io
tribl.io
trk.techtarget.com
u.openx.net
www.commvault.com
www.google-analytics.com
www.google.com
www.google.de
www.google.pl
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mathtag.com
104.111.234.67
104.111.242.53
104.17.73.206
104.244.42.133
104.244.42.3
104.36.113.45
107.178.246.49
108.174.10.14
13.224.193.101
13.224.193.116
13.224.193.30
13.224.89.225
13.224.96.102
13.224.96.5
13.224.96.71
13.224.96.79
13.224.96.9
13.224.96.94
13.224.96.96
142.250.184.226
142.250.186.70
142.250.186.98
151.101.12.157
151.101.13.131
151.101.13.27
152.195.15.58
162.247.242.18
163.171.128.148
18.168.223.221
18.214.90.16
192.0.76.3
192.139.80.44
198.148.27.140
199.127.206.102
199.15.215.8
2.18.233.180
2.18.233.201
2001:678:cb4:bbbb::11
206.19.49.24
209.234.224.22
216.52.2.39
2600:9000:2190:5400:1e:d8cf:91c0:93a1
2600:9000:21f3:9c00:10:8317:ee40:93a1
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
2a00:1450:400c:c07::9b
2a02:26f0:6c00:2b0::25ea
2a04:4e42:3::720
2a04:fa87:fffd::c000:42d0
2a05:d018:24:b002:2591:850:d183:b9b4
3.123.143.157
3.223.164.212
34.198.176.1
34.209.134.165
34.222.194.4
34.96.102.137
35.188.42.15
35.201.113.59
35.244.159.8
46.137.132.32
52.208.178.181
52.3.52.82
52.48.207.187
52.49.238.187
52.72.74.246
54.147.21.139
54.165.186.74
54.172.114.57
54.173.185.122
54.220.197.152
54.229.143.145
66.81.204.42
69.173.144.165
70.42.76.111
74.121.140.207
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c
02d1d89dc88a1fe5cc26fb3ccb67719974af93a40bef218306d8bafe00a76ce7
03956e7b0dce1325f980f9af98b6fd282939e9fb7b8df626d6c3c2a5c579d6ab
04798a4773dd2ffad6cdfbe9d2380b04c47067a3511f8ab601cd92ec09a180fb
04f707eda2c5beec54340f9c04f49c9d125930d510e603aa5b89683bd54f8367
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b
0b70264d4ea73277942a2d9ed530d64fd520ffcbcf4e1f810099515400b18d9a
0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d7752f97f73af016f148f80d669b03f320972b9ef3a8b5a23fea3da9d5017ce
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f06a24e50f3b15d08a16ef4c8e05d8f6e1154d8422c424757872b905559ccf9
0fa9178d617a871e16de3f9411a3b7e0f1b82b6d70bb10a291a644f870490d75
108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c
10bf6d88f678b1373a6b9f455d934a0c12485b1f7c8fe73c7387147e505050af
10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a
13749f5c9699919bdb871c3d5084a838e1aa64867a65e3ab58d87e4401c2c0da
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2
1894442bd6d6f164b8daa1cd0901ed86f73d88efceb3dba89e568691311d0351
19aa34f68fab8b539ea06a12b2e6c78f9631c87ac76c4eeabfa0747affbddc13
19ba46a737c4ea068c02cc67c28881e49b08ef9806c7ec97cc2cc6574f8e8ec2
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2
2121ef2df19607e5ab111e8de9f4d838258812529ff531e2542407d5a83d9b64
21342775ea918aa6ffecb96b21e137546fbb8a40b547e980afdf171f69a9ca9f
2255185879f426470581e641aa204a86291a4094d8415c840337a2625ed218d2
22f64a803b2224e6e2d0cecdd0b215e90677133df95247b36e72bcfc7910a1e3
22f7949c48e923e309d41a6f4821aa9a95cb9981156a4038acc9a3c4b2974798
2421c837293ecd73e03768eb916e9356b683784c1e5eaa56998f184982718a89
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72
24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0
2495b7f9fe3d3877311f0f1f33bbf8543127014e9853188963db69af1e112530
2515f2f551001962d9194fc3df4ae3b40b0ca9f9e5fd0b067e7c50a7dcb0dd29
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00
28e921bafa5c49687bc830cafd01213f5df3b010491c01c08c45805ab9b91976
290949beaf757eba1e44e44a9515b5d6fcf5f03789289559275e38e95a8b50ca
2c7a320eaba23618a6c6a4dd8f2915868e429ecdea4fa58cbd4d7e7e4f1fb5cf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
3063abd7d75444bd47575536443c8c417b17a537f844130fdcb03d9e50ef2e2e
33abda5c2c78c9960286bf2504b6f01dd3decd8b9e1b7302bf7bb7530c38e2d0
343b6b76c4eaf490723878ae86c83a87f6326a8917dc58c5eb7275bbb73bdc02
37d8b20dd28c024cdbd047c8b7485d66a4ff8baf2db1f9cb6672268aa868646e
3919f34c3a95cde7637d96dd9197de60f872aec7685dcfad94cef33fd8bbbb53
394501285db9fa9e4178a4e81181331254b1541bc64ec10050eb58c48052d1d6
3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b
3d93bd0db1f3585a348a2f4df172df589bb16acd40c1b281048b96186299b6ea
4063e72c353fcac556ca10a2d6d26666e4b486aaefaa1872585b3f9e88b91adb
410f8a8179290466299f6eaf908342c45bd907374f8c9a0d417958352c50e970
41a48b42a08a8c8ec2dbacca5a1d65b6cf2f3b1eef1803c847868f0ce62977e0
43709d7764d2c0cecb40c69144da5ff053bafa5fe1978521412589e31a8d64b4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46
48c9dac830d941a37b04621bfd4e7874dc8185c18a7380f57d73ad18e4e684c2
495add115f5762d690c4f9fc3fd8ea80a7f46484901ac04947cb5fecfa6d5baa
4da13fee9fdd70e43b89815664cdc7ad3d0f405c203384b31be3455656d012be
4f2039be8cc7cc63909e39af84cf3aa23a41c82274315bede158840a81cba2fe
4f2d533dd62be1778213380be645e8baa46fab10f03a8b408b9dd0dcaf06b7c3
500fde27032e0b51f18ebde6f93a6ac500a0bcfc86090861020c0a4a0f6924ef
51033ca959567bd01090659e6af136f40e5a0d8965069a47c1e30455cac9e759
510403f36d77cf2e8d8dc92c332d9e8cbd786bd5e97d542681e3f1afd50e78fd
52fb5b732e6535f9068566abb3981c26d7c8f47b9447f1f7c29cab7f27001b8b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545abf1f20e3a95dda703a36ba3859a6073790ca731040fc0bd0365298fc408a
548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b
55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c
55eab572057d82c21e4b1e4f5ad730776ce165bf9fb7f4c01cef1307fef110c2
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a72340c7914517e45231367dfc3b1f6d7bea9bee4fafa6e139f2cf0a46014b3
5b1fd843d82679f2ab6e46679f464d7af2241a4b0f02613281b290a35e14e4a9
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f
68d56da289c4d2fb5217a01a2df03c27747843c4bc6a933a4a0e7cc4a83e69af
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6ac73beb204cf677c039f284f52b988dc3f1c997465005cad53b9bfa75229df6
6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc
6e26dedab9d45f38b7a6ecbfcdd2a53281d5f40b2b6501f58100883e263e298a
6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
749e029b351c0635421937357a3e18f89efa39dc8beccd940b7d6cd29c82c95b
75f939280b5dd72557c69b742c4a10298be8a9852a403e22d28a7bf85ad4b92a
77e3ec7dd3563b1285140be8908f738bf22d6c93ce83c799fe0a64646f484489
784b3e56f6d5e1714f8134d3c2fcbe70e2746b025c64a74a492edbde4ca2b7a0
7af50cf95aee25377e0d294dfd490228f7bfa3829a47298137dd3495811cb4c3
7cbd17cfdf0413b4b9cd51616ba542bcb43bff184d80dabec77f6da7b24411c8
7d35eba870f50886a6a0813fcbcc005c0a5cd952c3e4c407980854b33c64fe8b
7dae1cb5f95934b6f1fd5cfa9deab8bf94ab6cb861a2b9df15bc55bd68ba6a55
7ec488c1b6360586de32c3dbf411e9648a2121daec9027a3599eb91ab2e21e68
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
81c7ca1a6e3e736e50c22cdab15a4d2ef8938e82843ccd8f9e3f6c3d948eb428
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84996f621223631b4456dda9b9decd3113c4499ae3e6c56b480fc19fc7078f54
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85394914807c18a79c9cd90140f3c494888d2cd9689d68835bdfe830545b2e36
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887
865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb
892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982
8b1cde8728d81dbecdb552749f3634b7cb3b78f10d5b51092da49ae10041b085
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
8dec14782b923cc6c03f1dddf55354b92f4292d0ad14777f0c645e2a7f7c68e2
8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31
912fde03a57918e7a21f00cd989f423d93be81c526c44b582d171c9a4c2fb192
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303
9602f449056d417899555bd6be3cb75936c2ea1c615c0c580db550ae7e0ed1fe
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990e7b339281a351d6313922516a2fd02adaa37d8cc42894cd68cd49a4dacd64
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9d058101cbffa6400719e6c7b3d58b72f715532332d6694d41a787a0ca99fc84
a0035b45fef84710f720867a1f0b4889741e052d076000a7832d7725fa82f89b
a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a3375b094825ba9422d6371cd337c3103fa8ebfc140c851f8da97437da65f434
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a53b1b2ec9a929797aef0e5551027b0900a071dd319464c02b8870468e53ff69
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a74658bf5343a652a1c98487e3a622b1254a40442fd5d9b9b887ee99470cfae9
a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
ab041c9c625633155ea7f9eba22f96e40b4102c3286214e54c5a5d17e8c0bf78
ac446478190f57e1318e7127722958b26631ae32f7e3d3b54c0fc81c01c1227f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
af0c018e8d1b0a543039bba1392de0a0f5ec6daed39fc2b111559ec3d215d797
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d
b413a73fdf00988d82df4d60171eebfd3854cd7cb3fd975befd39ef1448c3fc0
b9700d90d62905b603251007235395438461d017bb4a5353a0580dafc4375a79
bfcec94789c0f9f5d4a83415bb9aa81b26799c5dd089a06eb976e03087ed7a87
c43c886bf61b4893422782d4b1cf52e0f5eece2bed4fbc1ef7572e0d3dc0908d
c45a37dfe44d39427cc8f1bca159f4e5f87756d285e752dde2ac1519fbe98608
c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee
c70b3de4e0117b2aec63f29a08bb190d680fb70b87816687b4dedeb7959043ab
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab253317091b70a26f8c1346bf32ba2db1b22932ac8eb6e8c61c84e85f8e5ff
ceff454e98692c318f54bbd7a7dcaedc1a662883d8b87194ca6450ba697bc6cc
cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d53579d075f3e05299f0e771827e8c701f75966ff410ecbd47265a037d75f289
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb21dfcb98f4f6ece52e2966a42f271f445772743d474206cf0652485d10b2c
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a
e35a14e5f53bac72c9f61d2dc74b2f7e2e84f2bc67ee4ab7bd3020d1440415f8
e385ea7c31566e5ac19a795268fcc4d94015532f5ef5204e16cac2e4cce02f34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e713fb1806415485c8740f6cfcf9bbf8e88ecd4a3cd2984d14120ae1167b3263
e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e93699f0fb07453e6dfe98f37601dc3b78790020a52b828641f51c235d16d6a0
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9
f035e691d8d6bc66d831df7b4bab4405f9f17bb32da301a753f8dd5771dcc9b4
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f297d86ba48bf8d3e53ecf98069f478077172686502a601fb79c6ac17ef7e96f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f567f6c3304eed48c3eaa58c53b95eb31f2488ccd23f2430070e26481e068b2f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f798a81dba19f4306286b4116fe2102152868fc7967a4dc9103333277be90d0f
f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f94a6a5f095447cb89d131adfeb05a4be74e36dd26b0c0223e91b3d855c364ce
f95d88f8b15bd8f3054008f69c0a154882d2612b08148e789680cd27cea57749
fa48baa21fedd452bec0791a07799f1df9bf50b15fd1d4137d099f2194ec513f
fa6055bbc555e30f542c41bd7e5733a3c759f1ea7d1921196d03427af7d24a41
fb2d0335b96fc76dbdd22b363289104c3d3cbcf93018b03c22c97251690e8d3e
fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203
fdd650406adae0fb686277bda711756d1e219ae4f4e2569892661e6578689d2a
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

www.commvault.com Open in urlscan Pro 2a04:fa87:fffd::c000:42d0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

278 Requests

100 %HTTPS

29 %IPv6

69 Domains

94 Subdomains

63 IPs

7 Countries

2878 kBTransfer

7117 kBSize

28 Cookies

17 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.commvault.com Open in urlscan Pro
2a04:fa87:fffd::c000:42d0 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

100 %
HTTPS

29 %
IPv6

69
Domains

94
Subdomains

63
IPs

7
Countries

2878 kB
Transfer

7117 kB
Size

28
Cookies

278 HTTP transactions
0 data transactions