get.armorblox.com Open in urlscan Pro
107.178.254.45  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Page URL
2. https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= HTTP 303
• https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Request Chain 50

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1673552684504%26url%3Dhttps%253A%252F%252Fget.armorblox.com%252Femail-risk-assessment%253Futm_medium%253Dnurture%2526utm_source%253Demail%2526utm_content%253Demail5%2526utm_campaign%253DEC%252B20220130%252BPhishing%252BBOFU%252BMini%252BNurture%2526mkt_tok%253DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&liSync=true&e_ipv6=AQKU4zET3KRyAQAAAYWng2d38OP_qcVJ3iF62LsQ18fHwQloywMH_eKgMLrsbdpwr2va6OW_vUbZ

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	302	MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= em.armorblox.com/	642 B 1 KB	942ms 650ms	Document text/html	104.17.70.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-NmLUjVkqJ5wXeNGPe/m396QJlrwCnEOGRIZceGBBqX8=';object-src 'none';form-action:'none';frame-src:'none' X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, no-cache, no-store, max-age=0 cf-cache-status DYNAMIC cf-ray 788863695d7e2c2e-FRA content-security-policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-NmLUjVkqJ5wXeNGPe/m396QJlrwCnEOGRIZceGBBqX8=';object-src 'none';form-action:'none';frame-src:'none' content-type text/html;charset=UTF-8 date Thu, 12 Jan 2023 19:44:43 GMT referrer-policy strict-origin server cloudflare x-frame-options SAMEORIGIN x-request-id bfb683dca9898760
GET H2	200	Primary Request email-risk-assessment Show response get.armorblox.com/	100 KB 20 KB	281ms 148ms	Document text/html	107.178.254.45 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.178.254.45 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 45.254.178.107.bc.googleusercontent.com Software openresty / Resource Hash 6d824bbd9679b1f2d7667e1d4e1283a12a30e6255e68e32efd7fdf4633bb9861 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://em.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Thu, 12 Jan 2023 19:44:43 GMT etag W/"190a2-2YDKwWVJzZ3BBSs1w9V4HhYeJwg" server openresty strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 google
GET H2	200	utils.cd5b4894ab46ac49c25b.js Show response g.fastcdn.co/js/	48 KB 17 KB	55ms 15ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/utils.cd5b4894ab46ac49c25b.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash e75c0e70c08e4e0a7bffba6f38cf6ea271628025a000bd833d2756eba9641155 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 10 Jan 2023 10:00:49 GMT content-encoding gzip age 207834 x-guploader-uploadid ADPycdsJWV08XHz2hIxtlV440B36Ch5bojg5b8UnK-ZM4L1hnYwYkzyXEJ6cH5pH0vfaKmSz2mkACqsgVRO_D094owAjdun4G3JX x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17098 last-modified Tue, 10 Jan 2023 07:01:36 GMT server UploadServer etag "cd15442cf5e42d22fa02ace9ca1d14e2" vary Accept-Encoding x-goog-generation 1667922115170526 x-goog-hash crc32c=eSmR5g==, md5=zRVELPXkLSL6Aqzpyh0U4g== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 17098 accept-ranges bytes expires Wed, 10 Jan 2024 10:00:49 GMT
GET H2	200	Cradle.c8a924beaefacc03f9bd.js Show response g.fastcdn.co/js/	69 KB 22 KB	77ms 38ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/Cradle.c8a924beaefacc03f9bd.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 29488b6f6eb7029352043262473dbf538ed8a3a3cf56366c7a28ad867201d6a9 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 29 Dec 2022 09:05:36 GMT content-encoding gzip age 1247947 x-guploader-uploadid ADPycdt1zz2ALkNj-A7zb6800j7InJCH3qhnoG_fgcW1U69YkWnCv_IrJ4MzoK8jhn2kz7swIjXeg6AP02sgOFo3COAAUg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22633 last-modified Thu, 29 Dec 2022 03:23:04 GMT server UploadServer etag "3652c7233d6cd62190c50535f6ea2b6a" vary Accept-Encoding x-goog-generation 1669712533927517 x-goog-hash crc32c=M7JJVQ==, md5=NlLHIz1s1iGQxQU19uorag== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 22633 accept-ranges bytes expires Fri, 29 Dec 2023 09:05:36 GMT
GET H2	200	LazyImage.90aa95d960c719e556c2.js Show response g.fastcdn.co/js/	52 KB 18 KB	58ms 19ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/LazyImage.90aa95d960c719e556c2.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 33d8530b93be01d17376edac4fba53707abdf445c0c4d14ee0e7a2675e85190b Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 10 Jan 2023 13:25:13 GMT content-encoding gzip age 195570 x-guploader-uploadid ADPycdvfkiTtdWEg0-NaTkK6SI5bAGvSIWfrcugcIG-qwPyy478w-q4oU4cqn1U6iy1axuNaqx_r354izjFG3oysgPdY8A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18367 last-modified Tue, 10 Jan 2023 13:13:41 GMT server UploadServer etag "1c1dcf03f51d68d57a3f15a4484d2310" vary Accept-Encoding x-goog-generation 1667922113480386 x-goog-hash crc32c=jy3Uxg==, md5=HB3PA/UdaNV6PxWkSE0jEA== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 18367 accept-ranges bytes expires Wed, 10 Jan 2024 13:25:13 GMT
GET H2	200	Form.9913500b352375ec139e.js Show response g.fastcdn.co/js/	143 KB 40 KB	69ms 30ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/Form.9913500b352375ec139e.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash ccb951804762fc8c89c8941c2bec562454d67fd6f9d96b953693c69364ef4b71 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 09 Jan 2023 16:14:05 GMT content-encoding gzip age 271838 x-guploader-uploadid ADPycducSJ0hWHh-Sc1GrvHGRzTHT3K3O0e9KYRw8es2KkhUgYDjPrGIDegL8oEex6NQ0nn-mwzgEkICgm_NbWEr_YM3TIFHEsCC x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40757 last-modified Mon, 09 Jan 2023 15:48:35 GMT server UploadServer etag "57ffebccc38c2d36fda70a5e7a046a69" vary Accept-Encoding x-goog-generation 1667922113297928 x-goog-hash crc32c=MUWAsw==, md5=V//rzMOMLTb9pwpeegRqaQ== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 40757 accept-ranges bytes expires Tue, 09 Jan 2024 16:14:05 GMT
GET H2	200	inb7ckm.css use.typekit.net/	7 KB 1 KB	499ms 411ms	Stylesheet text/css	2a02:26f0:3500:16::215:14a0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/inb7ckm.css Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9f7b6c17f9409ce5b733691f88f4a015367af391ded40d4b606d966a01fc0b33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Thu, 12 Jan 2023 19:44:43 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 981
GET H2	200	57059132-0-mobile-corner.png v.fastcdn.co/u/79d65996/	9 KB 10 KB	418ms 383ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/57059132-0-mobile-corner.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb441bdc85ade1f0d86d8a5e84c060d0182c51a7318d93f237519016026302ad Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:43 GMT cf-cache-status MISS x-guploader-uploadid ADPycduYsi3SKqpE7mGiIR9z-4LAJZblIN-C59PQFFhZHbP38I6VLL2UX8eAnlvtv4tQ71tF0DRtXmHBRxNSGaFH8lIk9VWrT751 x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Sun, 26 Jun 2022 09:22:18 GMT content-length 9269 last-modified Wed, 05 May 2021 17:22:18 GMT server cloudflare etag "2ab73e42378bb626bb9a13c05d127006" vary Accept-Encoding x-goog-generation 1620235338634448 content-type image/png x-goog-hash crc32c=GU1acA==, md5=Krc+QjeLtia7mhPAXRJwBg== cache-control public, max-age=315360000 x-goog-stored-content-length 9269 accept-ranges bytes cf-ray 7888637038672c5b-FRA expires Sun, 09 Jan 2033 19:44:43 GMT
GET H2	200	56967142-0-sj-logo.png v.fastcdn.co/u/79d65996/	4 KB 5 KB	147ms 146ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/56967142-0-sj-logo.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd3252a17ff7cd1ea02b8921df260ddcb9ca96d61f252898421fc4b4df796262 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdsjRy4dfR8CxKp0g2swyaaFfs_cVnc1YXgK5HEf8SI-z-ezBX4bpwBtbhajPiOT_FqmrNZONcHxs5isNYYTd_Y6DA x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 20 Jun 2022 09:50:19 GMT content-length 4340 last-modified Thu, 29 Apr 2021 17:50:19 GMT server cloudflare etag "800768f54e323c905bae464bb9088d88" vary Accept-Encoding x-goog-generation 1619718619753604 content-type image/png x-goog-hash crc32c=d+j9KQ==, md5=gAdo9U4yPJBbrkZLuQiNiA== cache-control public, max-age=315360000 x-goog-stored-content-length 4340 accept-ranges bytes cf-ray 788863727c892c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	56967117-0-riif-logo.png v.fastcdn.co/u/79d65996/	2 KB 3 KB	363ms 363ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/56967117-0-riif-logo.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80a5905d0c720c3ac1496d65b19a07eb6e8e9bdc390a2e66f35a73a90c878da3 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdtE-g8qPUPh-C4e52qasd8TaCWwwobBWyQjCYuH-gOy0IZLAIo3_UnJpEqVwrgWy15dcAOS_SM3xxqhQlRCyxnwCg x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 20 Jun 2022 09:50:19 GMT content-length 2510 last-modified Thu, 29 Apr 2021 17:50:19 GMT server cloudflare etag "29dbd566509127afca764dd945209859" vary Accept-Encoding x-goog-generation 1619718619474306 content-type image/png x-goog-hash crc32c=mXOKAA==, md5=KdvVZlCRJ6/Kdk3ZRSCYWQ== cache-control public, max-age=315360000 x-goog-stored-content-length 2510 accept-ranges bytes cf-ray 788863732da42c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	56967122-0-DefenseStorm-main-lo.png v.fastcdn.co/u/79d65996/	2 KB 2 KB	356ms 353ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/56967122-0-DefenseStorm-main-lo.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74b140adf64678aeb5184bb1f92d3f38d4f2e362243d235eaf5aaed4722cac97 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdtaxiYKFeguTi2JyY8z553TkwrdMdHosECPXXd-4gTh-67CVpMVZtNbs80tobH8tXr2w-MLbUs5qdsl8TOBq74Wug x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 20 Jun 2022 09:50:19 GMT content-length 1954 last-modified Thu, 29 Apr 2021 17:50:19 GMT server cloudflare etag "1385505d8e680aea49c58f846e29fcae" vary Accept-Encoding x-goog-generation 1619718619627200 content-type image/png x-goog-hash crc32c=nZ3HfA==, md5=E4VQXY5oCupJxY+Ebin8rg== cache-control public, max-age=315360000 x-goog-stored-content-length 1954 accept-ranges bytes cf-ray 788863733db12c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 965 B	376ms 23ms	Script text/javascript	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 552 x-xss-protection 1; mode=block expires Thu, 12 Jan 2023 19:44:44 GMT
GET H2	200	ReCaptcha.43fb89c574f408e126a0.js Show response g.fastcdn.co/js/	52 KB 18 KB	15ms 15ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/ReCaptcha.43fb89c574f408e126a0.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash acfdaf4afcf8d2b32adae458f1e3d5f56fe3e84f7bd080e3f2043a195312c8e3 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 20:53:58 GMT content-encoding gzip age 427845 x-guploader-uploadid ADPycdu0nQtLnsR2qmzdoSAH-q9691yaf6GNDhECe3l1Nu9Q19dQeLEgpDYCnBr87KUYiO1YApk8vfqBfibKA_7uL0xXaJjmtcof x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18161 last-modified Sat, 07 Jan 2023 15:09:35 GMT server UploadServer etag "59888a29d1f201e46971efffde52f375" vary Accept-Encoding x-goog-generation 1667922114224514 x-goog-hash crc32c=7af5Dg==, md5=WYiKKdHyAeRpce//3lLzdQ== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 18161 accept-ranges bytes expires Sun, 07 Jan 2024 20:53:58 GMT
GET H2	200	lib.js Show response heatmap-events-collector.instapage.com/static/	24 KB 9 KB	485ms 132ms	Script application/javascript	34.71.95.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heatmap-events-collector.instapage.com/static/lib.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.95.71.34.bc.googleusercontent.com Software / Resource Hash 5adf96e308da99ff859ce9f9def91ab592aaf77f0cd528a09727c40dbccaac5a Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy same-origin last-modified Thu, 05 Jan 2023 10:57:02 GMT x-download-options noopen expect-ct max-age=0 x-frame-options sameorigin content-type application/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, must-revalidate, public access-control-allow-credentials true accept-ranges bytes expires Thu, 12 Jan 2023 19:49:44 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	377ms 29ms	Script text/javascript	2a00:1450:400d:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 12 Jan 2023 18:21:54 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 4970 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Thu, 12 Jan 2023 20:21:54 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	270 KB 91 KB	377ms 30ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b8520766aca084fad195ed02910ccdf9c4533a6fd18769bff02546b4964b45c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93132 x-xss-protection 0 last-modified Thu, 12 Jan 2023 18:56:52 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 12 Jan 2023 19:44:44 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 2 KB	359ms 7ms	Script application/x-javascript	23.45.104.85 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-104-85.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 12 Jan 2023 19:44:44 GMT Content-Encoding gzip Last-Modified Fri, 09 Sep 2022 01:18:39 GMT Server AkamaiNetStorage ETag "92b41a298690c047b0c4602dd843cba4:1662686319.691662" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 728
GET H2	200	p.css p.typekit.net/	5 B 181 B	106ms 7ms	Stylesheet text/css	2a02:26f0:3500:16::215:148b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=inb7ckm&ht=tk&f=17001.17002.17003.17004.17005.17006.22621.22622.22623.22624.22625.22658&a=3197966&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/inb7ckm.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT last-modified Sat, 16 Oct 2021 08:18:43 GMT server nginx etag "616a8ae3-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	it.js Show response cdn.instapagemetrics.com/t/js/3/	54 KB 19 KB	363ms 12ms	Script application/javascript	34.120.27.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.instapagemetrics.com/t/js/3/it.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.27.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.27.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 14 Dec 2022 23:06:48 GMT content-encoding gzip age 2493476 x-guploader-uploadid ADPycdsIj8NfC-XV9qI5wSvCZG0a3LAC2XnJk9rD3uPH7SMYJplFi2KifAjs9gBQK5c4vI1LaF2J9EAlXAHtwYXV96dR5UxwtZPF x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip x-goog-meta-tracker-version 3 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18709 last-modified Tue, 28 Sep 2021 11:50:58 GMT server UploadServer etag "84d2ba50a82d2c43fac196cf9ce05f68" x-goog-generation 1632829858360680 x-goog-hash crc32c=9jCvxw==, md5=hNK6UKgtLEP6wZbPnOBfaA== content-type application/javascript cache-control no-transform x-goog-stored-content-length 18709 accept-ranges bytes expires Thu, 14 Dec 2023 23:06:48 GMT
GET H3	200	sptw.e0d3d3700fa08797ac40.js Show response g.fastcdn.co/js/	61 KB 20 KB	17ms 15ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/sptw.e0d3d3700fa08797ac40.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 5423ae379066f5f2fc49615503ebf44976ffbea83e26c907f77dc34ffd193f5b Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 20:37:58 GMT content-encoding gzip age 428806 x-guploader-uploadid ADPycdt2wEyd3dZuXe5IMiVh5cXLvDdJrF-NoKvYDfEp2QBMHfKQsLejrV8XfgDsWftN6CK3pb1yelHBEbNtXYDz88iuGQ2ytqik x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20466 last-modified Sat, 07 Jan 2023 15:09:36 GMT server UploadServer etag "cc583c4bb5191b6069ae4c99c5839f23" vary Accept-Encoding x-goog-generation 1667922115001183 x-goog-hash crc32c=op73fg==, md5=zFg8S7UZG2BprkyZxYOfIw== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 20466 accept-ranges bytes expires Sun, 07 Jan 2024 20:37:58 GMT
GET H3	200	cm.js Show response g.fastcdn.co/js/	51 KB 18 KB	19ms 17ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/cm.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 08 Jan 2023 13:28:35 GMT content-encoding gzip age 368169 x-guploader-uploadid ADPycdu35Ao_vWrRTvv3VDi-9iAxUMxtjPhD2AeISv5XAcsLXw0eLZixF2rEo3osS22u4x3Fup_FoBrg_oj-xIQnL9Ynzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17906 last-modified Thu, 30 Jun 2022 02:12:17 GMT server UploadServer etag "8e466d98fa1f746c74b1b409d20a0cf3" vary Accept-Encoding x-goog-generation 1656555137097208 x-goog-hash crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 17906 accept-ranges bytes expires Mon, 08 Jan 2024 13:28:35 GMT
GET H2	200	lp.js Show response metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/	6 KB 6 KB	398ms 47ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-sp-metadata HS256.CLzigZ4GEocBCiQwZjNlYWJkMS0wYmZhLTRhMDgtYWZiZi0yNTBlOWU3MzZjNjUQiImahPnD+wIaBgisxoGeBiIMMzcuNTguNTguMjQ4KIrsAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkYWQ5MTI2ZjktYzM0NS00MDk4LTljOWEtNjY3ZWQ3MzNmMWQ5GJAtIhgIAhIUY2RzMjY1LmZyOC5od2Nkbi5uZXQ=.p68fYdFJNgS0Yfp38EbEFNq65iQlKybc3HnNnSOmiWU= last-modified Thu, 22 Sep 2022 17:10:43 GMT x-amz-request-id tx00000000000023c1064fe-0063bef568-42f5c793-sfo2a etag "9a8767fa98da937fb02cdbbc52a101bb" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-hw 1673552684.dop221.fr8.t,1673552684.cds161.fr8.hn,1673552684.cds265.fr8.c content-type application/x-javascript cache-control max-age=511164 x-rgw-object-type Normal accept-ranges bytes content-length 5776
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type image/png
GET H2	200	49535960-0-Armorblox-Logo-33058.png v.fastcdn.co/u/79d65996/	10 KB 10 KB	343ms 342ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/49535960-0-Armorblox-Logo-33058.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9c7f9f920ee78a979b0d9827cd6c6f9068e230902d117db475e71d36d7ce141 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdvvYEIJ19RvopL_UvPb_PXgE67fPaNBPP08MIeOpzyQ_t2XOK9OvYOZ4Jl-YZ4VBmnE27oIXxx_tMd8wvKDQ3iJDQ x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 26 Apr 2021 15:28:22 GMT content-length 10004 last-modified Thu, 05 Mar 2020 23:28:22 GMT server cloudflare etag "a518cce8f70c3523083c05cbb6f8ae74" vary Accept-Encoding x-goog-generation 1583450902278011 content-type image/png x-goog-hash crc32c=qsL2OA==, md5=pRjM6PcMNSMIPAXLtviudA== cache-control public, max-age=315360000 x-goog-stored-content-length 10004 accept-ranges bytes cf-ray 788863738e4e2c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	l use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/	20 KB 20 KB	30ms 9ms	Font application/font-woff2	2a02:26f0:3500:16::215:14a0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?subset_id=2&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/inb7ckm.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1d8010388ede8cd0b15f18e7386df47437ca85f877609c3a487be15b74c0ea82 Request headers Referer https://use.typekit.net/inb7ckm.css Origin https://get.armorblox.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT server nginx etag "2c73de53d797d1a729d9f552bfa9e497994b1fce" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 20420
GET H2	200	61469683-0-robinhood-logo.png v.fastcdn.co/u/79d65996/	5 KB 5 KB	339ms 338ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/61469683-0-robinhood-logo.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 919df57da1f7219f1a004ab3655630f8830648126e7487ac35060765b31de555 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycduDDzoAEebVqmgLBKlgBwRcriqykbOW2fq4VXUja0SQi3Rqya5QWUJIbpE0yZjFqgYZcjENw-qPwUeQH1UdcJh48A x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Tue, 06 Jun 2023 08:57:42 GMT content-length 5166 last-modified Fri, 15 Apr 2022 16:57:42 GMT server cloudflare etag "96a22b22c927d240d0202ee452398c76" vary Accept-Encoding x-goog-generation 1650041862295255 content-type image/png x-goog-hash crc32c=clZ14Q==, md5=lqIrIskn0kDQIC7kUjmMdg== cache-control public, max-age=315360000 x-goog-stored-content-length 5166 accept-ranges bytes cf-ray 788863738e522c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	61469670-0-datadog-logo.png v.fastcdn.co/u/79d65996/	13 KB 14 KB	174ms 173ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/61469670-0-datadog-logo.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ad348425485b0dc3a4c4ad23339bbbc664f62e046bd3f21fcd6e1b990132561 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdu4JTnB5HB5r0ybGWpYYrUMhkz3G7EUJx595M5tFO7GqW-sPrZfnCGcrqWJZSzx5ZminhMxo4z17Y7GMWkhxRHQzA x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Tue, 06 Jun 2023 08:57:42 GMT content-length 13760 last-modified Fri, 15 Apr 2022 16:57:42 GMT server cloudflare etag "dbb03bc167acfec72e4b61d325728fe4" vary Accept-Encoding x-goog-generation 1650041862317168 content-type image/png x-goog-hash crc32c=5KkDFQ==, md5=27A7wWes/scuS2HTJXKP5A== cache-control public, max-age=315360000 x-goog-stored-content-length 13760 accept-ranges bytes cf-ray 788863738e542c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	61469686-0-outreach-logo-1.png v.fastcdn.co/u/79d65996/	8 KB 8 KB	158ms 157ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/61469686-0-outreach-logo-1.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f98bc0d3774df5f95ac30576db3cc493fcbf18016c69d96fa89b62b3b71dafb2 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdvTNZMO-1GBSsl1sP8CYVZseT1rNHTGmDI90oO-iSRcrybvdGl4SrEGCU9QN3Pd9nA8iJdJS8AohN2aPr5un8YQtQ x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Tue, 06 Jun 2023 08:57:42 GMT content-length 8330 last-modified Fri, 15 Apr 2022 16:57:42 GMT server cloudflare etag "ed4fcca518de670c1a2473b5739c4d8f" vary Accept-Encoding x-goog-generation 1650041862275574 content-type image/png x-goog-hash crc32c=5mkf2w==, md5=7U/MpRjeZwwaJHO1c5xNjw== cache-control public, max-age=315360000 x-goog-stored-content-length 8330 accept-ranges bytes cf-ray 788863738e562c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H2	200	l use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/	20 KB 21 KB	24ms 8ms	Font application/font-woff2	2a02:26f0:3500:16::215:14a0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?subset_id=2&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/inb7ckm.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a4515b66fa871c93188710a6741dbbf3c0fff1234ba80bdd7f92312891882e2b Request headers Referer https://use.typekit.net/inb7ckm.css Origin https://get.armorblox.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT server nginx etag "909a6fbedfc1c38385c9cee93050b92d963b82e7" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 20924
GET H2	200	57926986-0-Armorblox-arrow.png v.fastcdn.co/u/79d65996/	374 B 653 B	363ms 363ms	Image image/png	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/79d65996/57926986-0-Armorblox-arrow.png Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23641eb36b7c9acace14e4d92daf06421fd0e3595cb6198058084ab89403b98c Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT cf-cache-status MISS x-guploader-uploadid ADPycdtEJS1oxjfastjijJDCjXEZBiiKHu30FB5jNr9IKnsrBT50LsUSaIB0P_QYHO444Tq3XPoFA6MucYW2Au25YRGlOQ x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 22 Aug 2022 20:50:56 GMT content-length 374 last-modified Fri, 02 Jul 2021 04:50:57 GMT server cloudflare etag "f535555f3b9feb8e749cb1deb9d0826f" vary Accept-Encoding x-goog-generation 1625201457143445 content-type image/png x-goog-hash crc32c=sMgv4g==, md5=9TVVXzuf6450nLHeudCCbw== cache-control public, max-age=315360000 x-goog-stored-content-length 374 accept-ranges bytes cf-ray 78886373cedf2c5b-FRA expires Sun, 09 Jan 2033 19:44:44 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/162/	11 KB 5 KB	8ms 8ms	Script application/x-javascript	23.45.104.85 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/162/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-104-85.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 12 Jan 2023 19:44:44 GMT Content-Encoding gzip Last-Modified Fri, 01 Jul 2022 00:59:12 GMT Server AkamaiNetStorage ETag "75daf56f6191efe42577301908659c29:1656637152.894482" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Length 4677 Expires Sat, 22 Apr 2023 19:44:44 GMT
POST H/1.1	200 OK	visitWebPage 176-xmj-030.mktoresp.com/webevents/	2 B 318 B	824ms 174ms	Ping text/plain	192.28.147.68 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://176-xmj-030.mktoresp.com/webevents/visitWebPage?_mchNc=1673552684401&_mchCn=&_mchId=176-XMJ-030&_mchTk=_mch-armorblox.com-1673552684401-55581&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&_mchHo=get.armorblox.com&_mchPo=&_mchRu=%2Femail-risk-assessment&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fem.armorblox.com%2F&_mchQp=utm_medium%3Dnurture__-__utm_source%3Demail__-__utm_content%3Demail5__-__utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture__-__mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/162/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.147.68 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 12 Jan 2023 19:44:45 GMT Content-Encoding gzip Server nginx/1.20.1 Transfer-Encoding chunked Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive X-Request-Id 10bcb652-e255-493a-ba6c-471bca3904fc
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/	407 KB 163 KB	88ms 24ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://get.armorblox.com/ Origin https://get.armorblox.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 16:04:18 GMT content-encoding gzip x-content-type-options nosniff age 13226 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Jan 2024 16:04:18 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 210 B	50ms 48ms	XHR text/plain	2a00:1450:400d:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=436504729&t=pageview&_s=1&dl=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1531390552&gjid=286912929&cid=824692646.1673552684&tid=UA-103936869-1&_gid=1740290359.1673552684&_r=1&_slc=1&cd1=A&z=1234868421 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.armorblox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	6si.min.js Show response j.6sc.co/	31 KB 10 KB	129ms 23ms	Script application/javascript	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 01 Dec 2022 20:20:43 GMT server nginx/1.14.0 (Ubuntu) etag "63890c9b-7ad6" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 10143 expires Thu, 12 Jan 2023 19:44:44 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	45ms 9ms	Script application/x-javascript	2a02:26f0:3500:16::215:14a0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip last-modified Tue, 10 Jan 2023 17:22:56 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=60616 accept-ranges bytes content-length 4777
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/	111 KB 44 KB	56ms 55ms	Script application/javascript	2a00:1450:400d:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=OPT-P34TZX3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5b5392aa569695a8f76432ebab9e06abbfbd568771cbeb08d28c27adf6dfc047 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44467 x-xss-protection 0 last-modified Thu, 12 Jan 2023 18:56:52 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 12 Jan 2023 19:44:44 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/	2 KB 2 KB	98ms 59ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1673552684456&cv=11&fst=1673552684456&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&auid=996403691.1673552684&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bf57087069625dcf4fc390abc6e65a0ee247f5ac7b7d245aa755169020e4282c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1105 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	83 KB 32 KB	60ms 7ms	Script application/x-javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D4) / Resource Hash 1ae740ebbe1a0c68cdf60b2d5df40126d47e6c69d19bf794b8a99ad5ceb81992 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip last-modified Mon, 09 Jan 2023 19:32:36 GMT server ECS (frb/67D4) age 73593 etag "c79199206124d91:0" vary Accept-Encoding x-cache HIT content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes content-length 32327
GET H2	200	ikk2zzg7t3aw.js Show response js.driftt.com/include/1673552700000/	211 KB 60 KB	246ms 222ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1673552700000/ikk2zzg7t3aw.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash bd5d20116afec87d67cb7a5218b2c1788a3dfb9a97b8f2f6b0a50485cc65bd1f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT x-amz-version-id 4lVbSfuh7p1c.Qn557b7pYxzdaEuR0.t content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront x-envoy-upstream-service-time 22 last-modified Wed, 11 Jan 2023 19:29:36 GMT server istio-envoy etag W/"201b2d6c6fb2670b8dc5d778c15d016c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id q4g3lpoT-JrEHIms5SatO-WXrwVabU8eX5yh6m3h0mLqlw5bsxTNgQ==
GET H2	200	site-script.js Show response cdn.metadata.io/	6 KB 2 KB	73ms 7ms	Script application/javascript	2600:9000:206f:1600:9:d7d4:1380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.metadata.io/site-script.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:1600:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 321b561142238d26a85a5e58f8963d500eb980344a6bc7ba394993067a43b017 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 05:09:49 GMT x-amz-version-id XZocrpaYlRdwxDV0d5UZiPLznLPIKdhh content-encoding gzip x-content-type-options nosniff via 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop FRA56-C1 age 52496 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 29 Nov 2022 18:06:47 GMT server AmazonS3 etag W/"3a60ae8ae30a80fc7a3aecd50bd9f56f" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/javascript x-amz-cf-id h32-VP-hjavkbHgXF0vkhtUJ7jQN7Y4_FQKi5K0606Q0Ehg4NRpLHg==
GET H2	200	60f9d599350740001b173802 Show response ws.zoominfo.com/pixel/	2 KB 2 KB	222ms 186ms	Script text/javascript	2606:4700::6810:650c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/60f9d599350740001b173802 Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0f765cd5b888e1423fc975485381c1b647fa209cf8a6169001cff1d37e709326 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 788863761ab49a0f-FRA access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	hotjar-3242658.js Show response static.hotjar.com/c/	8 KB 4 KB	120ms 37ms	Script application/javascript	65.9.66.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3242658.js?sv=6 Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-112.fra56.r.cloudfront.net Software / Resource Hash 06f952091b427f42bb8c85f95b6796b927a0bfa19f058098c7cb2476786a90fb Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Thu, 12 Jan 2023 19:44:44 GMT via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 etag W/2c99441fdc74596f626bb67bacbec393 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id Rt25oW_p1Wq8AYatE62-IT7pbiJRNA-i7oaxJ8FfF88DcJsrRau2UQ==
GET H2	200	main.rtfl.js Show response visitor.reactful.com/dist/	271 KB 105 KB	133ms 24ms	Script application/javascript	2a00:1450:4001:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://visitor.reactful.com/dist/main.rtfl.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash f2ea684e3b845732d5688c534995dded4f2b5639e4b51b23540b00424f2736ad Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 08 Jan 2023 17:55:48 GMT content-encoding gzip server Google Frontend age 352136 etag "6u5RTA" content-type application/javascript; charset=UTF-8 x-cloud-trace-context 94a9732c2190f2bad41f61c840501c2f cache-control public,public, max-age=432000 content-length 106771 expires Fri, 13 Jan 2023 17:55:48 GMT
GET H2	200	attributionSnippet.js Show response ddzuuyx7zj81k.cloudfront.net/1.0.0/	6 KB 2 KB	104ms 20ms	Script application/javascript	2600:9000:2249:e000:8:8d2f:9e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2249:e000:8:8d2f:9e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id BzkI61eYFyewX6x0l7i6i82MeoDOtTMn content-encoding gzip via 1.1 7aebe5536aa81207909dbe4ca368b9be.cloudfront.net (CloudFront) date Thu, 12 Jan 2023 06:53:07 GMT last-modified Mon, 18 Jul 2022 15:25:15 GMT server AmazonS3 x-amz-cf-pop MXP63-P4 age 46298 etag W/"03d2c7ecc77b0dbf04fecc51b018a287" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id RiS2m2q6EPDq94ndRGl6yPFiaRcSMCXPWIwOPoJrJBHnRf9o3NW7dA==
GET H2	200	js Show response www.googletagmanager.com/gtag/	228 KB 78 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-804LXDM1XK&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7a61f5548e098f045f5325a3c38ff3189f2db917c2fbc8fe41931cdc387ef207 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79709 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 12 Jan 2023 19:44:44 GMT
GET H/1.1	200 OK	associate-segment segment.prod.bidr.io/ Redirect Chain https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1	43 B 796 B	34ms 33ms	Image image/gif	52.215.107.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol HTTP/1.1 Server 52.215.107.176 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-107-176.eu-west-1.compute.amazonaws.com Software gunicorn / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache Date Thu, 12 Jan 2023 19:44:44 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn content-type image/gif p3p CP="This is not a P3P policy! See https://beeswax.com/privacy for more info." cache-control no-cache, must-revalidate Connection keep-alive Content-Length 43 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1 Date Thu, 12 Jan 2023 19:44:44 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn Connection keep-alive Content-Length 0
GET H2	200	details Show response epsilon.6sense.com/v3/company/	746 B 584 B	244ms 244ms	XHR application/json	35.156.134.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: em.armorblox.com URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGJRa9CvN8uTchBuPSttb2NVxIYOej6b_H1KNSM6Stx4yoN6mu3llI1YrPf80GWgPO4XlFBbT8= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-134-55.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9b2dc2a6592abd91e0dee577ef85461138e643d96bf3f3756f7c6d856d8d5e8b Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 Authorization Token 04540cf571c3e344bffc07af30e1f900bcca8de2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 X-Forwarded-For null Content-Type application/json Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://get.armorblox.com access-control-allow-credentials true content-length 399
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	34ms 10ms	Preflight	35.156.134.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-134-55.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-forwarded-for Access-Control-Request-Method GET Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,x-forwarded-for access-control-allow-methods OPTIONS,GET access-control-allow-origin https://get.armorblox.com access-control-max-age 1800 date Thu, 12 Jan 2023 19:44:44 GMT server nginx
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	57ms 19ms	XHR text/plain	2a00:1450:400c:c0a::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1531390552&gjid=286912929&_gid=1740290359.1673552684&_u=IEBAAEAAAAAAACAAI~&z=118036891 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.armorblox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/1814324/domain/get.armorblox.com/	36 B 369 B	253ms 179ms	XHR application/json	2600:9000:206e:a600:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/1814324/domain/get.armorblox.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:a600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip via 1.1 89325178f4430fe7d65a260b33ed0234.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-C1 vary accept-encoding x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id dOFepSbAMaaVXYFCOIA1M438J24t4HN01pl9pYUJUGWtdZIEq-x19Q==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1673552684504%26url%3Dhttps%253A%252F%252Fget.armorblox.com%252F... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%...	0 265 B	322ms 134ms	Image application/javascript	13.107.43.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&liSync=true&e_ipv6=AQKU4zET3KRyAQAAAYWng2d38OP_qcVJ3iF62LsQ18fHwQloywMH_eKgMLrsbdpwr2va6OW_vUbZ Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Server 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: FF334674A458482DA3BEA671EAC1270E Ref B: VIEEDGE1019 Ref C: 2023-01-12T19:44:45Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAXyFllQ5wOvQfSq3RoTgw== Redirect headers date Thu, 12 Jan 2023 19:44:44 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 8BAA5D2BB0BA42F29098E677EB2692F3 Ref B: FRAEDGE1421 Ref C: 2023-01-12T19:44:44Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1673552684504&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&liSync=true&e_ipv6=AQKU4zET3KRyAQAAAYWng2d38OP_qcVJ3iF62LsQ18fHwQloywMH_eKgMLrsbdpwr2va6OW_vUbZ x-li-proto http/2 content-length 0 x-li-uuid AAXyFllMB+Pjf2eGxCV56Q==
POST H2	204	collect region1.analytics.google.com/g/	0 339 B	55ms 18ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-804LXDM1XK&gtm=2oe1a1&_p=436504729&_gaz=1&cid=824692646.1673552684&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673552684&sct=1&seg=0&dl=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&dr=https%3A%2F%2Fem.armorblox.com%2F&dt=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&en=page_view&_fv=2&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-804LXDM1XK&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.armorblox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	20ms 18ms	Ping text/plain	2a00:1450:400c:c0a::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-804LXDM1XK&cid=824692646.1673552684&gtm=2oe1a1&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-804LXDM1XK&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.armorblox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	79ms 39ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-804LXDM1XK&cid=824692646.1673552684&gtm=2oe1a1&aip=1&z=131100673 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 296 B	38ms 37ms	Image image/gif	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1531390552&_u=IEBAAEAAAAAAACAAI~&z=749369461 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	39ms 38ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1531390552&_u=IEBAAEAAAAAAACAAI~&z=749369461 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ipv cdn.bizible.com/m/	43 B 305 B	8ms 8ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fem.armorblox.com%2F&_biz_h=-1906410348&_biz_u=8b9c7de7378a49d8fcdd372367da246f&_biz_s=5cbaa7&_biz_l=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&_biz_t=1673552684540&_biz_i=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&_biz_n=0&rnd=223260&cdn_o=a&_biz_z=1673552684541 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6760) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT last-modified Wed, 11 Jan 2023 14:12:16 GMT server ECS (frb/6760) age 106348 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type Image/GIF cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	u cdn.bizibly.com/	43 B 203 B	33ms 8ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=8b9c7de7378a49d8fcdd372367da246f&_biz_s=5cbaa7&_biz_l=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&_biz_t=1673552684543&_biz_i=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&rnd=322705&cdn_o=a&_biz_z=1673552684543 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67C2) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT last-modified Thu, 05 Jan 2023 23:58:40 GMT server ECS (frb/67C2) age 589564 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type Image/GIF cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 8AB7	43 KB 23 KB	42ms 39ms	Document text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 12e504d580e2d6833a0c7c4857cb1e5c8147e5216acd2f40f8b7e757d3cbffb1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ZkMMQ8caInS732mPsZQdxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://get.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23187 content-security-policy script-src 'report-sample' 'nonce-ZkMMQ8caInS732mPsZQdxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 12 Jan 2023 19:44:44 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	19ms 19ms	XHR text/plain	2a00:1450:400c:c0a::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1898230024&gjid=1943708985&_gid=1740290359.1673552684&_u=aGDAiEABRAAAAGAAI~&z=361050159 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.armorblox.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	29ms 29ms	Image image/gif	2a00:1450:400d:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=436504729&t=pageview&_s=1&dl=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAACAAI~&jid=1898230024&gjid=1943708985&cid=824692646.1673552684&tid=UA-103936869-1&_gid=1740290359.1673552684&gtm=2wg1a15DM95KB&z=1160118162 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 18:07:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 5834 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	xdc.js Show response cdn.bizible.com/	116 B 547 B	118ms 117ms	Script text/javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=8b9c7de7378a49d8fcdd372367da246f&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.11.28 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6711) / Resource Hash f18b59d5a03f0165ef90ed9f256002332731dc7347580d502c5020984bf85219 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:43 GMT content-encoding gzip server ECS (frb/6711) etag F56AB634 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 content-length 218
GET H3	200	/ www.google.com/pagead/1p-user-list/726574466/	42 B 64 B	26ms 26ms	Image image/gif	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/726574466/?random=1673552684456&cv=11&fst=1673550000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&fmt=3&is_vtc=1&random=168631794&rmt_tld=0&ipr=y Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/726574466/	42 B 548 B	29ms 29ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/726574466/?random=1673552684456&cv=11&fst=1673550000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&fmt=3&is_vtc=1&random=168631794&rmt_tld=1&ipr=y Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 818 B	30ms 7ms	XHR application/json	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Jan 2023 19:44:44 GMT AN-X-Request-Uuid 2f65ac11-3fca-4cc8-8904-f3accf097f0b Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://get.armorblox.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 37.58.58.248; 37.58.58.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 203 B	20ms 20ms	XHR text/html	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://get.armorblox.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	23 B 261 B	50ms 9ms	XHR text/html	2a02:26f0:3500:296::1c91 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:296::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a28691c972d90405273475e477b6714dadbea4507b91a1837d3d96b51360c0d4 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT vary Origin content-type text/html access-control-allow-origin https://get.armorblox.com cache-control max-age=0, no-cache, no-store 6si-ipv6 2a00:c98:2030:a004:1::5 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 23 expires Thu, 12 Jan 2023 19:44:44 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	39ms 38ms	Image image/gif	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1898230024&_u=aGDAiEABRAAAAGAAI~&z=1471674979 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	40ms 39ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-103936869-1&cid=824692646.1673552684&jid=1898230024&_u=aGDAiEABRAAAAGAAI~&z=1471674979 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.0a5831f9446624640839.js Show response script.hotjar.com/	264 KB 68 KB	79ms 23ms	Script application/javascript	108.156.2.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0a5831f9446624640839.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3242658.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.2.20 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-2-20.mxp63.r.cloudfront.net Software / Resource Hash 70713cff7a74460b7252af840d785a7d6cb0c63c2b1d44227ecda6601a2264ab Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 12:30:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 d1eeb185861731e77bfcceda9556d144.cloudfront.net (CloudFront) x-amz-cf-pop MXP63-P4 age 26078 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68992 last-modified Thu, 12 Jan 2023 12:29:16 GMT etag "c190d47cd0259bc45c4cf36c6c1a261a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id kqOEADANfYwI5kwC04Q8U49IiUNpqRLV8QANtz72S2E6RJfv3FeQ7g==
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 8AB7	52 KB 24 KB	43ms 14ms	Stylesheet text/css	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 11:40:19 GMT content-encoding gzip x-content-type-options nosniff age 29065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Jan 2024 11:40:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 8AB7	407 KB 163 KB	42ms 14ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 16:04:18 GMT content-encoding gzip x-content-type-options nosniff age 13226 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Jan 2024 16:04:18 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	236ms 233ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A44%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	u cdn.bizible.com/m/	43 B 121 B	8ms 7ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A176-XMJ-030%26token%3A_mch-armorblox.com-1673552684401-55581&_biz_u=8b9c7de7378a49d8fcdd372367da246f&_biz_s=5cbaa7&_biz_l=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&_biz_t=1673552684543&_biz_i=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&_biz_n=1&rnd=229079&cdn_o=a&_biz_z=1673552684649 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6776) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 19:44:44 GMT last-modified Fri, 06 Jan 2023 00:00:58 GMT server ECS (frb/6776) age 589426 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type Image/GIF cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
POST H2	200	setcookie2 Show response 63711288c40a0bdbd398bc81.services.infinigrow.com/	15 B 683 B	476ms 455ms	Fetch application/json	65.9.66.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://63711288c40a0bdbd398bc81.services.infinigrow.com/setcookie2 Requested by Host: ddzuuyx7zj81k.cloudfront.net URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-105.fra56.r.cloudfront.net Software / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/json Response headers date Thu, 12 Jan 2023 19:44:45 GMT via 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amzn-trace-id Root=1-63c0632d-11cecdd4796c40922a848b60;Sampled=0 x-amzn-requestid 8e9ffbbe-72de-43af-a841-7b6b54c32106 vary Origin x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin https://get.armorblox.com access-control-allow-credentials true x-amz-apigw-id epRvJHKVPHcFcoA= content-length 15 x-amz-cf-id RxG2eBeNWU_E2mhk9xvsvXLznA4_Y0lIvf8TUBYwG6gKiQ8TYUVufw==
OPTIONS H2	204	setcookie2 63711288c40a0bdbd398bc81.services.infinigrow.com/ Frame	0 0	538ms 452ms	Preflight	65.9.66.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://63711288c40a0bdbd398bc81.services.infinigrow.com/setcookie2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-105.fra56.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Length,Content-Type access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD access-control-allow-origin https://get.armorblox.com access-control-max-age 43200 date Thu, 12 Jan 2023 19:44:45 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront) x-amz-apigw-id epRvEFmsPHcFpQQ= x-amz-cf-id 39fgh-Ve4hKAkhhp3KrliSRkbelWIzkA4S-pkFrX3x-fjO8LfbcTlQ== x-amz-cf-pop FRA56-C1 x-amzn-requestid 930f50c0-a1f0-4217-9b55-1f41cde43bec x-amzn-trace-id Root=1-63c0632d-1aabb36a29fcf13f64886a6e;Sampled=0 x-cache Miss from cloudfront
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	237ms 236ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2030%3Aa004%3A1%3A%3A5%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response vars.hotjar.com/ Frame 472B	2 KB 1 KB	77ms 18ms	Document text/html	108.156.2.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3242658.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.2.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-2-19.mxp63.r.cloudfront.net Software / Resource Hash cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://get.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4343678 cache-control max-age=31536000 content-encoding br content-length 1035 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 23 Nov 2022 13:10:06 GMT etag "e0652b84b7b3b650769c759fc520c3f8" last-modified Wed, 23 Nov 2022 13:09:18 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 29373b9bd21dbfdb73f410724bfb6328.cloudfront.net (CloudFront) x-amz-cf-id CNvCqAcPnxU22m9AIXmEz-QQCpF3ToprZfaCaA0SVkF1A8qgSFtDOA== x-amz-cf-pop MXP63-P4 x-cache Hit from cloudfront x-robots-tag none
GET H2	200	/ Show response visitor.reactful.com/config/270535/	2 KB 975 B	394ms 394ms	XHR text/html	2a00:1450:4001:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://visitor.reactful.com/config/270535/?page=%2Femail-risk-assessment&hash=&referer=https%3A%2F%2Fem.armorblox.com%2F&user_id=&hshkgid=bfd59e8f-4efe-404d-9083-3efe6b62fef5&cb_rtfl=_rtfl_jsonp_0 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 87197fb6460bf019e3ae5d10dad535b55e4dbee1af8af87fbb7a1030d941456d Request headers Referer https://get.armorblox.com/ Url-Params-Data eyJ1dG1fbWVkaXVtIjoibnVydHVyZSIsInV0bV9zb3VyY2UiOiJlbWFpbCIsInV0bV9jb250ZW50IjoiZW1haWw1IiwidXRtX2NhbXBhaWduIjoiRUMrMjAyMjAxMzArUGhpc2hpbmcrQk9GVStNaW5pK051cnR1cmUiLCJta3RfdG9rIjoiTVRjMkxWaE5TaTB3TXpBQUFBR0pSYTlDdkFOVUxEMnNYak1YdHdHTndmUnA1ZmZIMmQ4Vld4V1p5aTd4aDlJZHRZVE50WTdONXQxYmtVMERCZXQ2LWJvUlZfdThrVFRBSUREcmIxMDc5cnJHQmUwOUdUTHljQWR5b29LSHpBIn0= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:45 GMT content-encoding gzip server Google Frontend vary Accept-Encoding access-control-allow-methods GET, OPTIONS p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" access-control-allow-origin https://get.armorblox.com content-type text/html; charset=utf-8 cache-control no-cache access-control-allow-credentials true x-cloud-trace-context 57b66f353ee96cabf40aff41d78909a9 access-control-allow-headers Six-Sense-Data,Custom-Vars-Data,Url-Params-Data content-length 629 expires Thu, 12 Jan 2023 19:44:45 GMT
OPTIONS H2	200	/ visitor.reactful.com/config/270535/ Frame	0 0	252ms 213ms	Preflight text/javascript	2a00:1450:4001:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://visitor.reactful.com/config/270535/?page=%2Femail-risk-assessment&hash=&referer=https%3A%2F%2Fem.armorblox.com%2F&user_id=&hshkgid=bfd59e8f-4efe-404d-9083-3efe6b62fef5&cb_rtfl=_rtfl_jsonp_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Headers url-params-data Access-Control-Request-Method GET Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Six-Sense-Data, Custom-Vars-Data, Url-Params-Data access-control-allow-methods GET access-control-allow-origin https://get.armorblox.com cache-control no-cache content-length 0 content-type text/javascript date Thu, 12 Jan 2023 19:44:44 GMT expires Thu, 12 Jan 2023 19:44:44 GMT p3p CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" server Google Frontend x-cloud-trace-context d1e3882ea3f77fffe32d9666ec05dec6
GET H2	200	details Show response epsilon.6sense.com/v3/company/	746 B 585 B	202ms 186ms	XHR application/json	35.156.134.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-134-55.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9b2dc2a6592abd91e0dee577ef85461138e643d96bf3f3756f7c6d856d8d5e8b Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 Authorization Token feeee1c1b8e5fdaa6744704973e2bdfb76df296b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://get.armorblox.com access-control-allow-credentials true content-length 399
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	9ms 9ms	Preflight	35.156.134.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-134-55.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization access-control-allow-methods OPTIONS,GET access-control-allow-origin https://get.armorblox.com access-control-max-age 1800 date Thu, 12 Jan 2023 19:44:44 GMT server nginx
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 8AB7	2 KB 2 KB	14ms 13ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 10 Jan 2023 18:59:47 GMT x-content-type-options nosniff age 175497 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 17 Jan 2023 18:59:47 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8AB7	15 KB 16 KB	52ms 14ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 12:17:50 GMT x-content-type-options nosniff age 458814 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jan 2024 12:17:50 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8AB7	15 KB 15 KB	56ms 18ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 09 Jan 2023 22:21:19 GMT x-content-type-options nosniff age 249805 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 09 Jan 2024 22:21:19 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 8AB7	102 B 134 B	24ms 24ms	Other text/javascript	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw&co=aHR0cHM6Ly9nZXQuYXJtb3JibG94LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=c08rpodv2874 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:44 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Thu, 12 Jan 2023 19:44:44 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/3242658/	147 B 322 B	144ms 35ms	XHR application/json	34.246.81.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/3242658/visit-data?sv=6 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.81.18 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-81-18.eu-west-1.compute.amazonaws.com Software / Resource Hash d5c1ad551c121bee3ab5ec67df650f929a74368057152d6c09a12c6df0651dc6 Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 12 Jan 2023 19:44:45 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 37B5	7 KB 1 KB	28ms 27ms	Document text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 02483e91a94b462e86f51a9434830085d076ac048b9dfe275ed3472a7f42392c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BKE1Ut-6fdFZ-WIBfwlm1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://get.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1115 content-security-policy script-src 'report-sample' 'nonce-BKE1Ut-6fdFZ-WIBfwlm1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 12 Jan 2023 19:44:44 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 37B5	52 KB 24 KB	14ms 13ms	Stylesheet text/css	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 11:40:19 GMT content-encoding gzip x-content-type-options nosniff age 29065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Jan 2024 11:40:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 37B5	407 KB 163 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 16:04:18 GMT content-encoding gzip x-content-type-options nosniff age 13226 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Jan 2024 16:04:18 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 37B5	40 KB 24 KB	79ms 78ms	XHR application/json	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0b50976c2088884e963fde754a4f438688ff4384492e31966f693a9655728754 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/x-protobuffer Response headers date Thu, 12 Jan 2023 19:44:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24811 x-xss-protection 1; mode=block expires Thu, 12 Jan 2023 19:44:45 GMT
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	232ms 66ms	XHR application/json	54.220.204.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.220.204.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-220-204-14.eu-west-1.compute.amazonaws.com Software / Resource Hash b997dd63e10eef2449bd390feea9d36ae396d7faaa3654cba0c58211f2b668b3 Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Thu, 12 Jan 2023 19:44:45 GMT content-length 56 vary Origin content-type application/json
GET H3	200	refresh_2x.png www.gstatic.com/recaptcha/api2/ Frame 37B5	600 B 624 B	15ms 15ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/refresh_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 08:44:59 GMT x-content-type-options nosniff age 125986 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 600 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 18 Jan 2023 08:44:59 GMT
GET H3	200	audio_2x.png www.gstatic.com/recaptcha/api2/ Frame 37B5	530 B 554 B	17ms 16ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/audio_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 09 Jan 2023 23:42:15 GMT x-content-type-options nosniff age 244950 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 530 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 16 Jan 2023 23:42:15 GMT
GET H3	200	info_2x.png www.gstatic.com/recaptcha/api2/ Frame 37B5	665 B 689 B	16ms 15ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/info_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 15:32:43 GMT x-content-type-options nosniff age 447122 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 665 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 14 Jan 2023 15:32:43 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 37B5	15 KB 15 KB	15ms 14ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 12:17:50 GMT x-content-type-options nosniff age 458815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jan 2024 12:17:50 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 37B5	15 KB 15 KB	20ms 19ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 07 Jan 2023 07:04:14 GMT x-content-type-options nosniff age 477631 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15340 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jan 2024 07:04:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 37B5	15 KB 15 KB	18ms 17ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 09 Jan 2023 22:21:19 GMT x-content-type-options nosniff age 249806 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 09 Jan 2024 22:21:19 GMT
GET H3	200	payload www.google.com/recaptcha/api2/ Frame 37B5	27 KB 27 KB	26ms 24ms	Image image/jpeg	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/recaptcha/api2/payload?p=06AD1IbLDVtK9CAZ1ZOmL7fU_8AyAPDnylDTtftEb2KrzCoqhOy9mx8SXk20vvE_T1wGAMBCHXbUtMQPLh6Bv9_4AQx8gOUVqnMZyMcPaUL0igyw_xpPQIMebyDIzhehB30XeBDfAoj8y88kDEp6HWoW-KzSiQ_TAC92Y6V37nnH9Q3LAHN3W9OQtAmm-QQnE99bSMNOKq-PLViXg4cQuyOD2rS6Mhqi-bsw&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw Requested by Host: get.armorblox.com URL: https://get.armorblox.com/email-risk-assessment?utm_medium=nurture&utm_source=email&utm_content=email5&utm_campaign=EC+20220130+Phishing+BOFU+Mini+Nurture&mkt_tok=MTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash bd7cdfaf478c8132684088bf7f21c5c3ac7f879b54adbdbf42a2ab42e0935dc5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeYJW0dAAAAAI6j9evua3DIggacf0cYAYbTjGWw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:45 GMT content-security-policy frame-ancestors 'self' x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type image/jpeg cache-control private, max-age=30 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28035 x-xss-protection 1; mode=block expires Thu, 12 Jan 2023 19:44:45 GMT
GET H2	200	core Show response js.driftt.com/ Frame 3180	2 KB 1 KB	115ms 114ms	Document text/html	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1673552700000/ikk2zzg7t3aw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 505aa4df244336566460d944283a0c809bf8c5291bbf73381b2af539495bf14e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://get.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Thu, 12 Jan 2023 19:44:45 GMT etag W/"18d8f6ef85eb49ac8151ab87569bd747" last-modified Wed, 11 Jan 2023 19:29:27 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-id 8oHXrqsrUuwUKwu6a4TFfmjT9xuIkOF-e_cPr6SxGZ0M0fBFN0Msaw== x-amz-cf-pop FRA53-C1 x-amz-server-side-encryption AES256 x-amz-version-id TxMmMvXkuDzOVOXa7FsSAcr3nUNGGVVM x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 11
GET H2	200	chat Show response js.driftt.com/core/ Frame CA72	2 KB 1 KB	111ms 111ms	Document text/html	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1673552700000/ikk2zzg7t3aw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 505aa4df244336566460d944283a0c809bf8c5291bbf73381b2af539495bf14e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://get.armorblox.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Thu, 12 Jan 2023 19:44:45 GMT etag W/"18d8f6ef85eb49ac8151ab87569bd747" last-modified Wed, 11 Jan 2023 19:29:27 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-id ceLYKuo4bsPy--yxNjutYnZz2Y8bcODSQ9iZZWBwspA9Y940Qnaccw== x-amz-cf-pop FRA53-C1 x-amz-server-side-encryption AES256 x-amz-version-id TxMmMvXkuDzOVOXa7FsSAcr3nUNGGVVM x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 21
GET H3	200	collect www.google-analytics.com/	35 B 55 B	30ms 30ms	Image image/gif	2a00:1450:400d:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=436504729&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=6sense%20enrich&el=6sense&_u=aGDAiEABRAAAAGAAI~&jid=&gjid=&cid=824692646.1673552684&tid=UA-103936869-1&_gid=1740290359.1673552684&gtm=2wg1a15DM95KB&cd10=%5Bobject%20Object%5D&cd12=Germany&cd18=&cd19=&cd20=&z=1228936605 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Thu, 12 Jan 2023 18:07:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 5835 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	two ec.instapagemetrics.com/t/ Frame	0 0	414ms 132ms	Preflight	34.71.95.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ec.instapagemetrics.com/t/two Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.95.71.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, SP-Anonymous access-control-allow-origin https://get.armorblox.com access-control-max-age 5 content-length 0 date Thu, 12 Jan 2023 19:44:45 GMT referrer-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff x-frame-options sameorigin
POST H2	200	two Show response ec.instapagemetrics.com/t/	2 B 325 B	391ms 130ms	XHR text/plain	34.71.95.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ec.instapagemetrics.com/t/two Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.95.71.34.bc.googleusercontent.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Thu, 12 Jan 2023 19:44:46 GMT strict-transport-security max-age=15724800; includeSubDomains referrer-policy same-origin x-content-type-options nosniff x-frame-options sameorigin content-type text/plain; charset=UTF-8 access-control-allow-origin https://get.armorblox.com p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-credentials true content-length 2
GET BLOB	200 OK	e1954392-a7f0-4a91-8d8b-d48d547603fc Show response https://get.armorblox.com/	2 KB 0		Script text/html
General Check archive.org Show headers Download Go to Full URL blob:https://get.armorblox.com/e1954392-a7f0-4a91-8d8b-d48d547603fc Requested by Host: visitor.reactful.com URL: https://visitor.reactful.com/dist/main.rtfl.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87197fb6460bf019e3ae5d10dad535b55e4dbee1af8af87fbb7a1030d941456d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Length 1605 Content-Type text/html
POST H2	200	/ Show response tracking.reactful.com/tracking/270535/	6 B 117 B	199ms 140ms	XHR text/html	2a00:1450:4001:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tracking.reactful.com/tracking/270535/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash cf8646fc48648f5a6d806df8f757007e6398a55ddccc3d8c2046a4c014cf1b56 Request headers Accept */* Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Thu, 12 Jan 2023 19:44:45 GMT content-encoding gzip server Google Frontend vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 2707477d10247b509321578ce0e85ca1 cache-control no-cache content-length 26
GET H2	200	runtime~main.c34580eb.js Show response js.driftt.com/core/assets/js/ Frame CA72	6 KB 3 KB	9ms 8ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b0f7e256b2f20fccf75b28217b8364411c86632a9cdb5e75fb7b9ce390981051 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id HozJCKDpz3AdNtSFm.G8pdI8au0H8nGR content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87319 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Wed, 11 Jan 2023 18:48:23 GMT server istio-envoy etag W/"8890682ab31ca411960a3975ffbaaf63" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id if1oJyFBah7NPXsRVfLwC8geESIB9kdHzDgoDwxYuDD7q8DUmNG5BQ==
GET H2	200	8.611ead2e.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	35 KB 13 KB	9ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 05 Dec 2022 03:22:45 GMT x-amz-version-id FEmcNMm7bgl3LTWxdVAFr5N2puOGeTSU content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3342120 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Thu, 01 Dec 2022 14:26:49 GMT server istio-envoy etag W/"6aa29962f34a8e117268142c7cc1cc3d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id lEqkcqyTi-mL3RG_bGTJI6a1fQtLjxKvgn3ubhZZI5dv1pIVrslQ9g==
GET H2	200	main~493df0b3.e2d828bd.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	7 KB 3 KB	10ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.e2d828bd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b4cfcb4d356ea5804502849bcafd4dfeb016947ea9a5f3702a2dc18faebe8d54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 06 Dec 2022 11:39:42 GMT x-amz-version-id 5i3D3Jm1fC87ZNs2xakTB59QgKuAEk.A content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3225903 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 42 last-modified Thu, 01 Dec 2022 14:26:49 GMT server istio-envoy etag W/"6e6f5840c8530be7b3929519b0020404" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id -mCT6zRf8xF8NabHUtg-CdWkhzxUtgfJmO-wOR4Odxt6Oy2pcNpdlQ==
GET H2	200	runtime~main.c34580eb.js Show response js.driftt.com/core/assets/js/ Frame 3180	6 KB 3 KB	9ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b0f7e256b2f20fccf75b28217b8364411c86632a9cdb5e75fb7b9ce390981051 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id HozJCKDpz3AdNtSFm.G8pdI8au0H8nGR content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87319 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Wed, 11 Jan 2023 18:48:23 GMT server istio-envoy etag W/"8890682ab31ca411960a3975ffbaaf63" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id YU1y3BP3qs4nb1ViK8P_yDypEZ7EsznLIvJDS0k1OaH8BPSWFV1xgA==
GET H2	200	8.611ead2e.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	35 KB 13 KB	10ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 05 Dec 2022 03:22:45 GMT x-amz-version-id FEmcNMm7bgl3LTWxdVAFr5N2puOGeTSU content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3342120 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Thu, 01 Dec 2022 14:26:49 GMT server istio-envoy etag W/"6aa29962f34a8e117268142c7cc1cc3d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 6jgM3X6F9DNSfP1X4gbyyaLzk-zXi9-_cWIO6WngAI0BzZaQ9XzonQ==
GET H2	200	main~493df0b3.e2d828bd.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	7 KB 3 KB	10ms 10ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.e2d828bd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b4cfcb4d356ea5804502849bcafd4dfeb016947ea9a5f3702a2dc18faebe8d54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA Origin https://js.driftt.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 06 Dec 2022 11:39:42 GMT x-amz-version-id 5i3D3Jm1fC87ZNs2xakTB59QgKuAEk.A content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3225903 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 42 last-modified Thu, 01 Dec 2022 14:26:49 GMT server istio-envoy etag W/"6e6f5840c8530be7b3929519b0020404" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id lMc1TcfpJwwlDgFrleJhWfmfg0rC3dWJRrtJ6sY5vgk-fNLN06gFoQ==
GET H2	200	49.b6336d11.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	23 KB 8 KB	9ms 8ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 07 Dec 2022 07:25:34 GMT x-amz-version-id SRmWR6_2IAVyTfdeBA3UHsUTKF9vig0O content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3154750 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Thu, 01 Dec 2022 14:26:48 GMT server istio-envoy etag W/"8004ba5ba9fc99e5c559490658a3863f" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id -KBrrqmLe---c4IvVrVTGj-dISC5md0Mc1anzJKLBCK10OG47Hbetw==
GET H2	200	33.ae4de0a0.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	36 KB 10 KB	9ms 8ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id 01yrO.GdH1fyM.8UOItbGHccy8AReg_w content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 23 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"db0cd5b66c52523e10b87a0c8a2db182" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id OnZ5SQV2yRILBwVknTzfeexLY3B_GJ6gRHbVisOKEE1paoNlENf3DQ==
GET H2	200	23.60057654.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	32 KB 11 KB	10ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.60057654.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 13 Nov 2022 04:37:57 GMT x-amz-version-id h0iqbZ_gASSHNL6Etsh3GsO.e_uJcwGW content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 5238408 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 09 Nov 2022 18:21:21 GMT server nginx etag W/"0e963aeeee70e63f5078955e6db860f3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id sZN-bTzcZrzhWBoKL9keR3IVt3RELFDU3KGLnm8vuVW9BevU2kheHw==
GET H2	200	18.2ab31195.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	17 KB 6 KB	11ms 10ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id 7QY.k3aW4w3SXwLpYXRxCoBV.7gk5Lob content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"09e4a870348ecb960c5807c49bbf0c16" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9zbEY646mWBWrYiUbdGrbwXCAUl8JlEj9PZCVq-bCrZ_FDtOI0rb8A==
GET H2	200	40.5fa801cd.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	25 KB 8 KB	11ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 28 Nov 2022 14:14:55 GMT x-amz-version-id 2JyWLT5kiYVrWdx2kqymOz0l_b0Z1qRY content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3907790 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Tue, 22 Nov 2022 15:49:59 GMT server istio-envoy etag W/"e7d37d5ffc01767c10d8677c65ead60b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Sqrmbnd_kDJQGF0PP_Ie-4op517sGCYzBetT0GaaEgeNKC8VrUHqCw==
GET H2	200	20.8c21ea18.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	74 KB 23 KB	12ms 10ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id Fsl5YzjyzYkGyh.Qov9hdU0MvlCwCPrF content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 15 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"6d77a76055d81227033363af2f18caf8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id LvRM4x0x8aMIJYSThS6lB8S_XwA1xIE6Xi0g9ZXfb9uI2X0Gxt-jNw==
GET H2	200	25.8f107198.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	59 KB 19 KB	13ms 12ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.8f107198.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id ZWSV35FrpevtVzjBLwK031dBQZC7DkUu content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"e2511c69e5bdc03467952abaccdb5383" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id M43ezDDfl7qEm7we5iyEmqyokOWhzVdZ_C-9b_BFPE6YkCtajo01KQ==
GET H2	200	13.3e86f1f6.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	91 KB 91 KB	15ms 14ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 03 Sep 2022 02:20:14 GMT x-amz-version-id tL0mO7lwTQOm1OEDR9eN1LSlBkEAt593 via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA53-C1 age 11381071 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 92674 last-modified Thu, 01 Sep 2022 13:18:43 GMT server nginx etag "fdee1a560ca08e3d3702e14d8f1f0b82" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ZrFuDV-pnsszpvBqlhVpJZS-uXCNFHpZyzzLaMVfSWrsUGgCsPMJUg==
GET H2	200	11.639238ba.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	23 KB 7 KB	20ms 18ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.639238ba.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 03 Dec 2022 12:04:21 GMT x-amz-version-id umvKX3aSunwjzGTx0HeJH2jCGVVK3dzQ content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3483624 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 25 last-modified Thu, 01 Dec 2022 14:26:46 GMT server istio-envoy etag W/"4049f38c00add1738dc4806148ff8829" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id aaZpv5gWDA1nII0p4YlOrBEmlC_JBeSyqgyY8NcH28hRS8REpb3zSw==
GET H2	200	17.d96f5704.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	62 KB 20 KB	21ms 20ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.d96f5704.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 66bee368cd16bf0d9a64e4252953d1179f42ad9bfcae08c8abc8b46e5d304b24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 28 Nov 2022 19:30:38 GMT x-amz-version-id sg8faa50aplh9rJp1QcZDcacOoaZ0DpV content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3888847 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 56 last-modified Mon, 28 Nov 2022 18:58:53 GMT server istio-envoy etag W/"f7132278cd8921e8f42d2d92ca6e0510" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 0wfE44QRuCDcczgZNpkx4SP2THdIifDrBf83omKYF7Xepo9Et1dvYA==
GET H2	200	47.9d4808ed.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	105 KB 34 KB	22ms 21ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id 8QR3cgb7WpaI7MofwiJyqQRRt0Z0IBFB content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"dfc66008c702c40fea0587f735010013" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 2TG-22rEQo3V_UGhbmQoFwPPdmlC9ZGEUsntDrPIasGWzshQZ-Ow-w==
GET H2	200	38.5941b51c.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	12 KB 4 KB	23ms 22ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id vJ4l4Xhv63Wbg7qXfYNntPn3WeE7h5J0 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 28 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"aa24724b97a516c589a05bc577d15db9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id faCpRQSao4WAIeY57RBl50ih86OIFdcuQpBtqlqMOTp9_qFyJ7SlFw==
GET H2	200	28.190877b8.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	13 KB 6 KB	24ms 23ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/28.190877b8.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 08 Dec 2022 02:10:45 GMT x-amz-version-id ppxEVVcgjGUkQFAmeAKsliE80kwpH87a content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3087240 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 47 last-modified Wed, 07 Dec 2022 20:08:22 GMT server istio-envoy etag W/"94c7e7cb2f40e10abeee8e28c0f68eb7" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rvr0kmozu_5bt65Pc5GjLcTtbrBjJnxsL5LFdpg195qaK4BlepHS1w==
GET H2	200	21.b8c41db9.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	17 KB 7 KB	24ms 24ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 08:03:19 GMT x-amz-version-id z8bmIwYFmpSlRsBZppbuF.O9_1BnvlVI content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3843686 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"65e5c965272e021ae33ff8bc39565ef5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 4okGu_JqNiNFOyM7IsBRpejN5oRIneLxIARkImij7iKzQHr36Gw9ag==
GET H2	200	9.2f2cc2c4.chunk.css js.driftt.com/core/assets/css/ Frame CA72	14 KB 3 KB	25ms 24ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/9.2f2cc2c4.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 29 Dec 2022 16:39:29 GMT x-amz-version-id SDOQ.STtxlQaFoH.Cb_a99fOEu_ze5wP content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 1220715 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 18 last-modified Wed, 28 Dec 2022 21:35:38 GMT server istio-envoy etag W/"dd670379de64b0621ee84574f3b8e73d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Cy1qHDO6iTZYAZBvKWWDAjSqp_5iKkr4KQVF8IU7YXV9f41wb8YZsw==
GET H2	200	9.e91643ca.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	79 KB 25 KB	25ms 25ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.e91643ca.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash c65c0caf65a36c8bb25dddac082d92dc2d2629132cfb0097a59424d7f6faf156 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 29 Dec 2022 16:39:29 GMT x-amz-version-id DMZ6iUyJnZcbBLBSAp.0vFH7x0h8k7o8 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 1220715 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Wed, 28 Dec 2022 21:35:42 GMT server istio-envoy etag W/"7a8cb644b6f002369ea2a4288f2d0116" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id eMe1mNd8vbOqAq5vUgAe9TyHUA7gCE7P4ZgvetTIYdjbsxZa0YqRnw==
GET H2	200	15.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame CA72	24 B 697 B	26ms 25ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 27 Nov 2022 18:44:01 GMT x-amz-version-id MpmP_baDi2Lp86SRq3A6CnYjltvdox.E via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA53-C1 age 3978044 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 12 content-length 24 last-modified Tue, 22 Nov 2022 15:49:55 GMT server istio-envoy etag "0c5dad92482d9a7c7c253510f5082465" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Az6xkluQIgI0kfFqQGkqh-Q-TpXZL73E8aTW7XTQNGA-M2Y3sl67_w==
GET H2	200	15.7414712b.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	84 KB 21 KB	26ms 25ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.7414712b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 9d5478ed0fba429549dbf0f5a50df6644f21775decb625a9b448d4a02f1f4f01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 05 Jan 2023 16:37:28 GMT x-amz-version-id M68.BHY51r7H2kRVNVH_tvCm6BkqYFgK content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 616037 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Thu, 05 Jan 2023 16:27:50 GMT server istio-envoy etag W/"b74a80d67fde5b90d066ff29b6365529" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id PzyOeqbUzCjHw8NnB55t0X5YTUHgTQMnp4SK5otGg4WzIKrjSRDMMw==
GET H2	200	24.93e21b0d.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	49 KB 13 KB	26ms 26ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.93e21b0d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash f5a0bb11ccb2b765a9ea803f2904919385d9d3bd0fbf565595626b0dd60cbea4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id q7HCMapRd3ObNq9D9kFKhsA3TPJ0X8zM content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87319 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Wed, 11 Jan 2023 18:48:20 GMT server istio-envoy etag W/"3dcb6e81808f67d52c870f1999ba2d80" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bixv7eJk-_g8MdJs2kGbmxZUZcx0FRviCPVOfwHN5ok6k-oFjY-BUw==
GET H2	200	16.e6a31895.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	39 KB 13 KB	27ms 27ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.e6a31895.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 941590a957107ad5194a08047e7010c59b13bbf024af936678696069dccc790f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id AxZWGl0kuHR2CyUD1pVJwSVAAjIWZ_98 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87318 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Wed, 11 Jan 2023 18:48:20 GMT server istio-envoy etag W/"7ba5580a3ef2a7af9cc6d6a5b17a7c74" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id TS3uIftPKan79RTThJlxFmXhs-z1aCK-_DNE-ZD5BVFDdzqd_08KsQ==
GET H2	200	49.b6336d11.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	23 KB 8 KB	22ms 13ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 07 Dec 2022 07:25:34 GMT x-amz-version-id SRmWR6_2IAVyTfdeBA3UHsUTKF9vig0O content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3154750 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Thu, 01 Dec 2022 14:26:48 GMT server istio-envoy etag W/"8004ba5ba9fc99e5c559490658a3863f" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id vJolC9m3VL4Vq0ooAJzofjYrVt0ffkyC2NQhHW2rOtL6k-ehAxmO1w==
GET H2	200	33.ae4de0a0.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	36 KB 10 KB	23ms 13ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id 01yrO.GdH1fyM.8UOItbGHccy8AReg_w content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 23 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"db0cd5b66c52523e10b87a0c8a2db182" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id w9G-iMw89ryPPsOEoKXAMCDDzQCctkwj7vpRm7mVx6zLygiuH2UtVg==
GET H2	200	23.60057654.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	32 KB 11 KB	23ms 14ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.60057654.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 13 Nov 2022 04:37:57 GMT x-amz-version-id h0iqbZ_gASSHNL6Etsh3GsO.e_uJcwGW content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 5238408 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 09 Nov 2022 18:21:21 GMT server nginx etag W/"0e963aeeee70e63f5078955e6db860f3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id KMvJnr74IQXxtjeP1eSKAceoIyWrKY3XJdf4quRBr9ljKRRJixBTkw==
GET H2	200	18.2ab31195.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	17 KB 6 KB	24ms 15ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id 7QY.k3aW4w3SXwLpYXRxCoBV.7gk5Lob content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"09e4a870348ecb960c5807c49bbf0c16" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 0l-b7BzuV8m6jNAGyE4QskId1DtgTkEVEhoD1wXvoBD2fkQm4rYsTA==
GET H2	200	40.5fa801cd.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	25 KB 8 KB	24ms 16ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 28 Nov 2022 14:14:55 GMT x-amz-version-id 2JyWLT5kiYVrWdx2kqymOz0l_b0Z1qRY content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3907790 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Tue, 22 Nov 2022 15:49:59 GMT server istio-envoy etag W/"e7d37d5ffc01767c10d8677c65ead60b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id qjwl3CPoouACAIAnSQMeCP2Zsfwk2bZc85T31BqVzsLBQAGFTQLZNA==
GET H2	200	20.8c21ea18.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	74 KB 23 KB	25ms 17ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id Fsl5YzjyzYkGyh.Qov9hdU0MvlCwCPrF content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 15 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"6d77a76055d81227033363af2f18caf8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id hWn-4r4On5dQc45BVTmDNFkz-quiddvXilSBRwnsCi8K2p3VniqNMw==
GET H2	200	25.8f107198.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	59 KB 19 KB	25ms 18ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.8f107198.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id ZWSV35FrpevtVzjBLwK031dBQZC7DkUu content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"e2511c69e5bdc03467952abaccdb5383" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 3ZLvCjMwVhDKexEMRT6gNHbMyzPIJV4J80R1yyxA2B8PWgfK8LrFtg==
GET H2	200	13.3e86f1f6.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	91 KB 91 KB	25ms 19ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 03 Sep 2022 02:20:14 GMT x-amz-version-id tL0mO7lwTQOm1OEDR9eN1LSlBkEAt593 via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA53-C1 age 11381071 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 92674 last-modified Thu, 01 Sep 2022 13:18:43 GMT server nginx etag "fdee1a560ca08e3d3702e14d8f1f0b82" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id g9snJjwvCGxdVUB3F39h7JU4IQ3u6N3Wksg2cSvrDnYiStpujxHnIw==
GET H2	200	11.639238ba.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	23 KB 7 KB	26ms 20ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.639238ba.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 03 Dec 2022 12:04:21 GMT x-amz-version-id umvKX3aSunwjzGTx0HeJH2jCGVVK3dzQ content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3483624 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 25 last-modified Thu, 01 Dec 2022 14:26:46 GMT server istio-envoy etag W/"4049f38c00add1738dc4806148ff8829" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id itqaw_msQFk6YXNFiUZOZPeVftvKx8LrJ5EXbE-XY1QJU-wNriLD0g==
GET H2	200	17.d96f5704.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	62 KB 20 KB	27ms 21ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.d96f5704.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 66bee368cd16bf0d9a64e4252953d1179f42ad9bfcae08c8abc8b46e5d304b24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 28 Nov 2022 19:30:38 GMT x-amz-version-id sg8faa50aplh9rJp1QcZDcacOoaZ0DpV content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3888847 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 56 last-modified Mon, 28 Nov 2022 18:58:53 GMT server istio-envoy etag W/"f7132278cd8921e8f42d2d92ca6e0510" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id uaA4gmOB8NgTmkY-VMw0jtF4a0kdGy-X6wOjOL_IhFNaWQfoyJLvRA==
GET H2	200	47.9d4808ed.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	105 KB 34 KB	27ms 21ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:48 GMT x-amz-version-id 8QR3cgb7WpaI7MofwiJyqQRRt0Z0IBFB content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"dfc66008c702c40fea0587f735010013" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rOFJQcxzNoXFa07fjhnXJ1V8zgMLEgu4h94hSKgcA3GYzW6nEIoIkw==
GET H2	200	38.5941b51c.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	12 KB 4 KB	28ms 22ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:05 GMT x-amz-version-id vJ4l4Xhv63Wbg7qXfYNntPn3WeE7h5J0 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 28 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"aa24724b97a516c589a05bc577d15db9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 6zrA29t8hSpt3fGQpxO0b7CKELy40SzOeoIL0qnRdb7W396JwlnAAw==
GET H2	200	28.190877b8.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	13 KB 6 KB	28ms 23ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/28.190877b8.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 08 Dec 2022 02:10:45 GMT x-amz-version-id ppxEVVcgjGUkQFAmeAKsliE80kwpH87a content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3087240 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 47 last-modified Wed, 07 Dec 2022 20:08:22 GMT server istio-envoy etag W/"94c7e7cb2f40e10abeee8e28c0f68eb7" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Zx8VOzqS5hlcCI3WKoqL6Zwm_gtc3YZaOrqQgJfmH-rkj5PHmHzp3Q==
GET H2	200	21.b8c41db9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	17 KB 7 KB	28ms 23ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 08:03:19 GMT x-amz-version-id z8bmIwYFmpSlRsBZppbuF.O9_1BnvlVI content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3843686 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"65e5c965272e021ae33ff8bc39565ef5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IQue6hRI3Ms_mbRl7LrpT0FM1P37VKgF6kKVHIhH8VkU8sxecwIxQg==
GET H2	200	9.2f2cc2c4.chunk.css js.driftt.com/core/assets/css/ Frame 3180	14 KB 3 KB	17ms 12ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/9.2f2cc2c4.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 29 Dec 2022 16:39:29 GMT x-amz-version-id SDOQ.STtxlQaFoH.Cb_a99fOEu_ze5wP content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 1220715 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 18 last-modified Wed, 28 Dec 2022 21:35:38 GMT server istio-envoy etag W/"dd670379de64b0621ee84574f3b8e73d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WRKG6-za2b0tEhZbYAMDiB0pRkZlOy4NWWRz752ELQXy2aKMNxJu_g==
GET H2	200	9.e91643ca.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	79 KB 25 KB	28ms 24ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.e91643ca.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash c65c0caf65a36c8bb25dddac082d92dc2d2629132cfb0097a59424d7f6faf156 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 29 Dec 2022 16:39:29 GMT x-amz-version-id DMZ6iUyJnZcbBLBSAp.0vFH7x0h8k7o8 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 1220715 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Wed, 28 Dec 2022 21:35:42 GMT server istio-envoy etag W/"7a8cb644b6f002369ea2a4288f2d0116" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id OLPYaBf5hve6zDd_OTzZZ-8NHN1itBDN6dIpOSRWMyeWZLr5BpPePA==
GET H2	200	15.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame 3180	24 B 696 B	17ms 12ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 27 Nov 2022 18:44:01 GMT x-amz-version-id MpmP_baDi2Lp86SRq3A6CnYjltvdox.E via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA53-C1 age 3978044 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 12 content-length 24 last-modified Tue, 22 Nov 2022 15:49:55 GMT server istio-envoy etag "0c5dad92482d9a7c7c253510f5082465" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 06rauxbEpp9yuJWAVpZ0phKsT6ciZ7Ip33bEF7rZPqF5MuX3CKiLsQ==
GET H2	200	15.7414712b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	84 KB 21 KB	29ms 25ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.7414712b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 9d5478ed0fba429549dbf0f5a50df6644f21775decb625a9b448d4a02f1f4f01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 05 Jan 2023 16:37:28 GMT x-amz-version-id M68.BHY51r7H2kRVNVH_tvCm6BkqYFgK content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 616037 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Thu, 05 Jan 2023 16:27:50 GMT server istio-envoy etag W/"b74a80d67fde5b90d066ff29b6365529" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Fumbv_yclF8nQ9ZqgwDEWYfO9YffVDNUqqqOPYhHvUvaWXgxjQ6S9A==
GET H2	200	24.93e21b0d.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	49 KB 13 KB	29ms 26ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.93e21b0d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash f5a0bb11ccb2b765a9ea803f2904919385d9d3bd0fbf565595626b0dd60cbea4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id q7HCMapRd3ObNq9D9kFKhsA3TPJ0X8zM content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87319 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Wed, 11 Jan 2023 18:48:20 GMT server istio-envoy etag W/"3dcb6e81808f67d52c870f1999ba2d80" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Lg-QzZsq9xfEvVlQTthXtaTJq0_Z40x0Jxn9B0XKR02IIKESg5vxmw==
GET H2	200	16.e6a31895.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	39 KB 13 KB	30ms 27ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.e6a31895.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 941590a957107ad5194a08047e7010c59b13bbf024af936678696069dccc790f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:26 GMT x-amz-version-id AxZWGl0kuHR2CyUD1pVJwSVAAjIWZ_98 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87318 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Wed, 11 Jan 2023 18:48:20 GMT server istio-envoy etag W/"7ba5580a3ef2a7af9cc6d6a5b17a7c74" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id kt5XDE5NaJrk0zQ1mXng6fYNhTjIi9EiKNoIYfFxGiGpJWkMYD7QFg==
GET H2	200	35.11d2b6a7.chunk.css js.driftt.com/core/assets/css/ Frame CA72	3 KB 1 KB	8ms 8ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/35.11d2b6a7.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 09 Dec 2022 16:00:55 GMT x-amz-version-id XKCyWehiVgQPAxmbU4jvKqy8s85CgNpR content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 2951030 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 33 last-modified Thu, 08 Dec 2022 20:10:48 GMT server istio-envoy etag W/"87532c4db85f1429fa6d759bc3332f36" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id a4BXZKsC2um8ChXHzW5XxwfseZxJgIEIVXoisXTzjJEjYeyWvZV00w==
GET H2	200	35.438351b2.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	3 KB 2 KB	9ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.438351b2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:06 GMT x-amz-version-id QhlyljBKsBjDwjJjkSDZfnhr7833Byrf content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Mon, 28 Nov 2022 20:48:11 GMT server istio-envoy etag W/"6d42b26d199471df6876d34dd3714424" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bxQM2Up3MIVvjrzrFpvVImQWb1Q_heGqQKBhpAdJrMZylB8OnmtXtQ==
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	9 KB 3 KB	9ms 8ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 13 Nov 2022 04:26:39 GMT x-amz-version-id YXvZ4HcypaoU47j75DlnYQCGjq19D5hr content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 5239086 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 09 Nov 2022 18:21:20 GMT server nginx etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ww9RdktHg81vvE9-00sl1quGoeETcd78vMwd483rdiylahqzfME_MA==
GET H2	200	26.64322869.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	35 KB 10 KB	9ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/26.64322869.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash bc239bcea412c55851ac6940a5a87baf775d3fb1a21423eed175e03e90774c64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 20 Dec 2022 15:41:38 GMT x-amz-version-id PTEOwy_2auoAERJW2cYbyU5O_d.Ysx0V content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 2001787 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 22 last-modified Tue, 20 Dec 2022 15:26:20 GMT server istio-envoy etag W/"744c4be1daa9277dcf54fdd19ba78200" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WrLXat6Z3r78krYGmXkyH2_ebTWFQ7ceNlW2Xqjd1EPvse8OyUV0jQ==
GET H2	200	27.9bf46b67.chunk.css js.driftt.com/core/assets/css/ Frame 3180	8 KB 2 KB	9ms 9ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 07 Dec 2022 02:46:22 GMT x-amz-version-id .EabxsG1IF6_xnfvUkaQ8CsZ1TLBkAR. content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3171503 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Thu, 01 Dec 2022 14:26:44 GMT server istio-envoy etag W/"4f21faf2ba450e5fcdf7eda90813e185" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id B01qw6X7S54I9cOPfKnLnLVKWwrk8pfJe4j1h5RX_NjPHAsJo5OkKg==
GET H2	200	27.4f62ccd2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	14 KB 6 KB	10ms 10ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/27.4f62ccd2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 4b7fcc71f2345201fb332e802b071e396b05623d04d410bbc6f4b010c673f3bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 08 Dec 2022 20:36:41 GMT x-amz-version-id K6XR2itnTdewDpQnk8c.EJ6RPpqYqemb content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3020884 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Thu, 08 Dec 2022 20:10:50 GMT server istio-envoy etag W/"498de99279f37cba21c25b932e3787a3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9Z0B0RX1hPnY1gLuTKZrP7WDBP6E0_VjpitPgnft9xLOR2bJpAgDjA==
GET H2	200	19.c695453b.chunk.css js.driftt.com/core/assets/css/ Frame 3180	365 B 1 KB	10ms 9ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/19.c695453b.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 07 Dec 2022 02:46:23 GMT x-amz-version-id w1vOcwITmb.cUDNW_lvsPGI3OxFp7KF_ via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA53-C1 age 3171502 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 16 content-length 365 last-modified Thu, 01 Dec 2022 14:26:44 GMT server istio-envoy etag "06b2963b029c0824382815165bfea73e" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rIEZmksbXGhL6VmbSHvqG3XSy38hh3NQVOilY0ORWRGtiRUg_BHn3g==
GET H2	200	19.8b809a6b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 3180	92 KB 26 KB	10ms 10ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.8b809a6b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 63d279105229c6f1f841644babfd4f4891ea77de6a91818d9549f7328ad4c5b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=ikk2zzg7t3aw&eId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=87ecdbfe-8af1-41fa-b0a9-4b045fd9a499&sessionStarted=1673552685.312&campaignRefreshToken=b67f144e-4bca-40f1-80b7-315d8dde2a43&hideController=false&pageLoadStartTime=1673552683414&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 19:29:27 GMT x-amz-version-id iydRgnTJSfS5ndHL11el4.mUl7TpKB4y content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 87318 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 52 last-modified Wed, 11 Jan 2023 18:48:20 GMT server istio-envoy etag W/"0a524edff18167082ad3f71a48d11050" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 6yp0v-MAPBMn2NCMM6__C1JugHM9Y4eDJr1xBAcsnWO297kxuESQqw==
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	9 KB 3 KB	10ms 9ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sun, 13 Nov 2022 04:26:39 GMT x-amz-version-id YXvZ4HcypaoU47j75DlnYQCGjq19D5hr content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 5239086 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 09 Nov 2022 18:21:20 GMT server nginx etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bO-hehI6P11i6rAQvxYRoij_gUgioWHQpM2ibPhMa_xGXxxMccLMzQ==
GET H2	200	3.07aa08a5.chunk.css js.driftt.com/core/assets/css/ Frame CA72	7 KB 2 KB	12ms 11ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software nginx / Resource Hash dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 14 Nov 2022 02:01:00 GMT x-amz-version-id 6eDD8hJAoclD6yRsTxOCYDa1IzjcvXMP content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 5161425 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 09 Nov 2022 18:21:19 GMT server nginx etag W/"189aeffd571884559dababa22c66d75a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id UJAfAXzW-z52kgPplNpmkp8cVBb2OF2Tq5ODaCG-29lWOaqWBK8cYA==
GET H2	200	3.f50b964b.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	54 KB 15 KB	13ms 13ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 30 Nov 2022 06:28:49 GMT x-amz-version-id qGN0XCPmPm.tPVWlU.D9L3otF0x1Dsuy content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3762956 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Mon, 28 Nov 2022 20:48:10 GMT server istio-envoy etag W/"1ac37bf2b93050f29058b66a9ad43e10" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Y1y-uEGz-Sj7WsVOF3iphwe_egKJuTMhsLJFG7MuuW2zzpCOVui92w==
GET H2	200	1.fbdab3a3.chunk.css js.driftt.com/core/assets/css/ Frame CA72	43 KB 7 KB	12ms 11ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/1.fbdab3a3.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 29 Nov 2022 09:35:06 GMT x-amz-version-id yfbMJnTGP6E_z1J_nu7pjaanu7Hf.Clu content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3838179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 38 last-modified Mon, 28 Nov 2022 20:48:07 GMT server istio-envoy etag W/"6eae9d8917505f7858dc56cf0731728a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id -Xj0Bv0FuH5k0yi5RL6ta3RcT57F-V_Q5z9ANPDlXdeRtQbMuSD6Zw==
GET H2	200	1.2e27d274.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	73 KB 25 KB	14ms 13ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/1.2e27d274.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 6aafe4dc4321bce762f863ce88aec5f7d4ed705477478be6510b0c2a48ef714e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 21 Dec 2022 21:54:21 GMT x-amz-version-id UNJr5Kja1ABr.guWFosCRkEJaAhCHOiA content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 1893024 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 37 last-modified Wed, 21 Dec 2022 21:28:25 GMT server istio-envoy etag W/"a6d0fdb505a88f9c55049ebe66d7667a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 3FNUml44N-IrgtxBpy9-yc4I_Q75IBee8sa9wt7_3lUcEMNrHaySgA==
GET H2	200	32.a3318c5e.chunk.css js.driftt.com/core/assets/css/ Frame CA72	14 KB 3 KB	13ms 12ms	Stylesheet text/css	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/32.a3318c5e.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 06 Dec 2022 11:39:43 GMT x-amz-version-id e31zNZ7OvbqwI30C7A3j44RjIqkVwPQA content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 3225902 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 36 last-modified Thu, 01 Dec 2022 14:26:45 GMT server istio-envoy etag W/"b06e02b360914b25e58305b1b9b954dc" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id cLUY8kMI1odcGdzq4lHST2yRi_X7PvtMT46AKmq70lbJC2OvYJI6vA==
GET H2	200	32.5f11aa12.chunk.js Show response js.driftt.com/core/assets/js/ Frame CA72	12 KB 5 KB	14ms 14ms	Script application/javascript	143.204.215.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/32.5f11aa12.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.c34580eb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-88.fra53.r.cloudfront.net Software istio-envoy / Resource Hash 73b7536c82d23bd8bb1f28778009d16a26c9bb7624a3caf41289284aa33d54d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1673552683414 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 13 Dec 2022 16:48:23 GMT x-amz-version-id ldUcMD8JsmcHqL747dpDB3Eivlc6nS5g content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 2602582 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 29 last-modified Tue, 13 Dec 2022 15:17:59 GMT server istio-envoy etag W/"77aab2343a041aad4aea245e60cde53f" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id JN86gwZrp8TP2HsumONe6XcrR4gUMMRqEfhNQVw5YRkcPT3DJ80_TA==
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	254ms 254ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A44%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:45 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H2	200	ping Show response bootstrap.api.drift.com/widget_bootstrap/ Frame 3180	147 B 245 B	115ms 114ms	XHR application/json	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/json Response headers date Thu, 12 Jan 2023 19:44:45 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid 73c0e7b578efad8e access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 8 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 147
OPTIONS H2	200	ping bootstrap.api.drift.com/widget_bootstrap/ Frame	0 0	334ms 108ms	Preflight text/plain	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://js.driftt.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-max-age 1209600 allow POST,OPTIONS content-length 13 content-type text/plain date Thu, 12 Jan 2023 19:44:45 GMT requestid driftecb33684ca3a2830e7e9a25de41 server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0
GET H2	200	infinigrow.js Show response dss6ntp5q2r0o.cloudfront.net/2.9.0/	74 KB 25 KB	109ms 29ms	Script application/javascript	2600:9000:2050:3a00:10:7994:d200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js Requested by Host: ddzuuyx7zj81k.cloudfront.net URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2050:3a00:10:7994:d200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 10:28:38 GMT content-encoding gzip via 1.1 b66a4887f7dc7a63f4fec4ed6cb0a44e.cloudfront.net (CloudFront) last-modified Sun, 24 Jun 2018 15:14:02 GMT server AmazonS3 x-amz-cf-pop BUD50-C1 age 33367 etag W/"2f70fa2239343e20deb5c199873fbed1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id kvs26cs598DjQglS6mheUhPyjaKYcpdR5HHZJk1L2sh50alQMCZ_VA==
POST H2	200	tp2 Show response 63711288c40a0bdbd398bc81.services.infinigrow.com/com.snowplowanalytics.snowplow/	2 B 685 B	454ms 454ms	XHR text/plain	65.9.66.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://63711288c40a0bdbd398bc81.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-105.fra56.r.cloudfront.net Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://get.armorblox.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Thu, 12 Jan 2023 19:44:46 GMT via 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront) x-amzn-remapped-content-length 2 x-amzn-remapped-server akka-http/10.0.9 x-amz-cf-pop FRA56-C1 x-amzn-requestid c8d16189-9034-45bd-91f1-4d0deaa2534b x-cache Miss from cloudfront p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" x-amz-apigw-id epRvTH9FvHcFZFw= content-length 2 x-amzn-trace-id Root=1-63c0632e-52f6fee63dd4f62f3bed7ae8;Sampled=0 vary Origin content-type text/plain; charset=UTF-8 access-control-allow-origin https://get.armorblox.com access-control-allow-credentials true x-amzn-remapped-date Thu, 12 Jan 2023 19:44:46 GMT x-amz-cf-id U0t387ZjK87nYhZ6Ckryatm9gTXjHIw00uI2ikJbE47_q5qgVbfw6Q==
OPTIONS H2	204	tp2 63711288c40a0bdbd398bc81.services.infinigrow.com/com.snowplowanalytics.snowplow/ Frame	0 0	443ms 443ms	Preflight	65.9.66.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://63711288c40a0bdbd398bc81.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-105.fra56.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://get.armorblox.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,Content-Length,Content-Type access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD access-control-allow-origin https://get.armorblox.com access-control-max-age 43200 date Thu, 12 Jan 2023 19:44:46 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront) x-amz-apigw-id epRvPHVbvHcFj4A= x-amz-cf-id hbvDGN6vNM5DF4zIB8faytXokH1K9zf0H73MEjRcbVtsNTGO3-dgmQ== x-amz-cf-pop FRA56-C1 x-amzn-requestid 8bda1aaa-6684-4b16-8177-fe34925595db x-amzn-trace-id Root=1-63c0632e-74a7a5720eb5da5f73ee2d40;Sampled=0 x-cache Miss from cloudfront
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	226ms 226ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A45%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:46 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	220ms 220ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A46%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:47 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H2	200	bulk Show response metrics.api.drift.com/monitoring/metrics/event2/ Frame 3180	25 B 88 B	120ms 120ms	XHR application/json	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language de-DE,de;q=0.9 Authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/json Response headers date Thu, 12 Jan 2023 19:44:48 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid fad809c5e9d5551e access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 12 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25
OPTIONS H2	200	bulk metrics.api.drift.com/monitoring/metrics/event2/ Frame	0 0	255ms 254ms	Preflight text/plain	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://js.driftt.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-max-age 1209600 allow POST,OPTIONS content-length 13 content-type text/plain date Thu, 12 Jan 2023 19:44:48 GMT requestid drift5aeb12e45398db3cec866a47150 server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	226ms 226ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A47%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:48 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	225ms 225ms	Image image/gif	104.96.140.70 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=e44bb040-ecd4-4b50-8697-1b6b07881705&session=d55621ba-146a-423f-82e6-fa51d2a8a524&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2012%20Jan%202023%2019%3A44%3A48%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20a%20free%202-week%20email%20risk%20assessment%20of%20Armorblox.%20See%20how%20the%20platform%20stops%20BEC%2C%20spear%20phishing%2C%20and%20other%20targeted%20attacks.%20Works%20on%20Office%20365%2C%20Google%20Workspace%2C%20and%20Exchange.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Armorblox%20%7C%20Get%20Free%20Email%20Risk%20Assessment%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fget.armorblox.com%2Femail-risk-assessment%3Futm_medium%3Dnurture%26utm_source%3Demail%26utm_content%3Demail5%26utm_campaign%3DEC%2B20220130%2BPhishing%2BBOFU%2BMini%2BNurture%26mkt_tok%3DMTc2LVhNSi0wMzAAAAGJRa9CvANULD2sXjMXtwGNwfRp5ffH2d8VWxWZyi7xh9IdtYTNtY7N5t1bkU0DBet6-boRV_u8kTTAIDDrb1079rrGBe09GTLycAdyooKHzA&pageViewId=c8f1d661-c55b-4a96-8825-0718cee7edaa&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-140-70.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.armorblox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 12 Jan 2023 19:44:49 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT