www.malcare.com Open in urlscan Pro
64.227.7.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.malcare.com/blog/wordpress-hacked-redirect/
Submission: On June 07 via manual (June 7th 2022, 9:51:17 am UTC) from RS — Scanned from DE

Summary HTTP 175 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 24 domains to perform 175 HTTP transactions. The main IP is 64.227.7.169, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.malcare.com.
TLS certificate: Issued by R3 on April 7th 2022. Valid for: 3 months.

This is the only time www.malcare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
62	64.227.7.169 64.227.7.169	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.248.37 18.66.248.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5 6	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1	13.225.84.17 13.225.84.17	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:27::... 2620:1ec:27::cafe:1824	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700:440... 2606:4700:4400::ac40:996f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:90c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	13.224.194.86 13.224.194.86	16509 (AMAZON-02) (AMAZON-02)
1	78.46.195.121 78.46.195.121	24940 (HETZNER-AS) (HETZNER-AS)
1	54.69.55.17 54.69.55.17	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
64	13.224.198.92 13.224.198.92	16509 (AMAZON-02) (AMAZON-02)
3	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
175	29

62 64.227.7.169 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 636807.cloudwaysapps.com

www.malcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-37.dus51.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.199.37.226 (Frankfurt am Main, Germany) 5 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

www0f38.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-17.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1824 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:996f (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-86.fra2.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.195.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.195.46.78.clients.your-server.de

app.blogvault.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.55.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-55-17.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.224.198.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-92.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4817	751 KB
62	malcare.com www.malcare.com	559 KB
7	gstatic.com fonts.gstatic.com	69 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 534 b.clarity.ms — Cisco Umbrella Rank: 3654 c.clarity.ms — Cisco Umbrella Rank: 1052	26 KB
6	b-cdn.net 5 redirects www0f38.b-cdn.net	107 KB
5	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5193 bootstrap.api.drift.com — Cisco Umbrella Rank: 5516	367 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	58 KB
3	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 23490	5 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6117	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	611 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	2 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2592 api.amplitude.com — Cisco Umbrella Rank: 1305	23 KB
2	sendinblue.com in-automate.sendinblue.com — Cisco Umbrella Rank: 24759	239 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	315 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	114 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 210	553 B
1	blogvault.net app.blogvault.net	879 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1125	5 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	43 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	10 KB
1	tapfiliate.com script.tapfiliate.com — Cisco Umbrella Rank: 26856	4 KB
175	24

	Domain	Requested by
64	js.driftt.com	www.malcare.com js.driftt.com
62	www.malcare.com	www.malcare.com
7	fonts.gstatic.com	fonts.googleapis.com
6	www0f38.b-cdn.net	5 redirects www.malcare.com
3	metrics.api.drift.com	js.driftt.com
3	b.clarity.ms	www.clarity.ms
3	www.google-analytics.com	www.malcare.com www.google-analytics.com
3	sibautomation.com	www.malcare.com sibautomation.com static.cloudflareinsights.com
2	bootstrap.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	www.google.de	www.malcare.com
2	www.google.com	www.malcare.com
2	in-automate.sendinblue.com	sibautomation.com
2	www.facebook.com	www.malcare.com
2	www.clarity.ms	www.malcare.com www.clarity.ms
2	fonts.googleapis.com	www.malcare.com
2	connect.facebook.net	www.malcare.com connect.facebook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.amplitude.com	cdn.amplitude.com
1	app.blogvault.net	www.malcare.com
1	cdn.amplitude.com	www.malcare.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.cloudflareinsights.com	sibautomation.com
1	d3e54v103j8qbb.cloudfront.net	www.malcare.com
1	www.googletagmanager.com	www.malcare.com
1	cdnjs.cloudflare.com	www.malcare.com
1	script.tapfiliate.com	www.malcare.com
175	29

This site contains links to these domains. Also see Links.

Domain
app.malcare.com
malcare.com
blogvault.net
wordpress.org
codex.wordpress.org
api.wordpress.org
www.instagram.com
wpremote.com
airlift.net
twitter.com
www.facebook.com
socialsnap.com

Subject Issuer	Validity	Valid
malcare.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2022-06-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tapfiliate.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.blogvault.net AlphaSSL CA - SHA256 - G2	`2022-05-26` - `2023-06-27`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.malcare.com/blog/wordpress-hacked-redirect/
Frame ID: 14AE89988DC43DA52175A5E17FB0791F
Requests: 105 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=5lyhedpg07wo96izu8dry2j6
Frame ID: EF2522DEACFE98BF6DF82EB1EB4AE57A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 64CE1516D91BB7E8F554B820644B8369
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 16C9A80D3F8AE61363F0E1102336B2B8
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
Frame ID: BDD163BC1C5C2C7BF586C1B98C8E5F55
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[Solved] WordPress Redirect Hack Malware - 2022 Guide

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

175
Requests

96 %
HTTPS

55 %
IPv6

24
Domains

29
Subdomains

29
IPs

4
Countries

1824 kB
Transfer

5951 kB
Size

17
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://app.malcare.com/users/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://app.malcare.com/users/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://malcare.com/
Title: MalCare

Search URL Search Domain Scan URL

URL: https://blogvault.net/3-reasons-to-use-an-activity-log-on-your-website/
Title: activity logs

Search URL Search Domain Scan URL

URL: https://blogvault.net/
Title: take a backup

Search URL Search Domain Scan URL

URL: https://blogvault.net/recover-crashed-wordpress-site/
Title: crashed website

Search URL Search Domain Scan URL

URL: https://wordpress.org/download/releases/
Title: Download fresh installs of WordPress

Search URL Search Domain Scan URL

URL: https://codex.wordpress.org/WordPress_Files
Title: list of WordPress files

Search URL Search Domain Scan URL

URL: https://blogvault.net/restore-wordpress-from-backup/
Title: restore a backup manually

Search URL Search Domain Scan URL

URL: http://blogvault.net/
Title: Backing up your website

Search URL Search Domain Scan URL

URL: https://api.wordpress.org/secret-key/1.1/salt/
Title: WordPress generator

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

URL: https://wpremote.com/
Title: WP Remote

Search URL Search Domain Scan URL

URL: https://airlift.net/
Title: AirLift

Search URL Search Domain Scan URL

URL: https://twitter.com/malcaresecurity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/malcare

Search URL Search Domain Scan URL

URL: https://app.malcare.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://socialsnap.com/?utm_source=WordPress&utm_medium=link&utm_campaign=inthewild
Title: Social Snap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg HTTP 302
https://www.malcare.com/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg

Request Chain 39

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/icon-menu.svg HTTP 302
https://www.malcare.com/wp-content/themes/wpremote/assets/images/icon-menu.svg

Request Chain 68

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg HTTP 302
https://www.malcare.com/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg

Request Chain 80

https://www0f38.b-cdn.net/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png HTTP 302
https://www.malcare.com/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png

Request Chain 82

https://www0f38.b-cdn.net/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png HTTP 302
https://www.malcare.com/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png

Request Chain 101

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&RedC=c.clarity.ms&MXFR=15D2A1EC9867662E0281B0509C67687E HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&MUID=05E5215F60316452168C30E3615A6535

175 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.malcare.com/blog/wordpress-hacked-redirect/ 388 KB
50 KB 388ms
188ms Document
text/html 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 078185b582519bb6d5221da1004a005e62ee2112c89e5f565e4e0e4639bddf84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 51202
content-type: text/html
date: Tue, 07 Jun 2022 09:51:10 GMT
etag: "c802-5debb8a26e7e9"
last-modified: Wed, 11 May 2022 12:25:41 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: c8aT50fO7GrbTlne7gMgiDGY+uN8/4JI6ucTbsG5nJZA27AKgR7n7842wwvqgusM7Vg4VJX7NA3qjyiEaFhGfQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Jun 2022 09:51:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
756 B 134ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0af2e758f25422989b034afee970457904e5f266243be629224106d1f542fbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 09:51:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 09:51:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 09:51:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 131ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;600&display=swap

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45a461b3b2925fe977e3a8aa3c718a703ecca88ffd89611a8c6a529a4323fa16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 09:51:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 09:51:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 09:51:11 GMT

GET
H2 200 download-2.svg
www.malcare.com/wp-content/uploads/2021/09/ 941 B
630 B 173ms
170ms Image
image/svg+xml 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/uploads/2021/09/download-2.svg
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 504fe8febfe2539be5a046b02c656ef6dc4df985faefb31b7c047cc6f94651e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:36:04 GMT
server: nginx
etag: W/"614c2e64-3ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 98ms
96ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-15b26"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/components/ 103 KB
15 KB 101ms
99ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/components/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 6abba1c5cd542f8f5d4b9561b3315f05ff018a2647f216fbf6ac2002aca567cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-19b81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/block-editor/ 119 KB
16 KB 159ms
156ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/block-editor/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: b84ee65602c75ea856b3934dd36fa2827eb13d73053d538ebf3944388d21c7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-1dc22"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/nux/ 3 KB
932 B 160ms
157ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/nux/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 6da593bb41278863238449ee446ac7a689c10718f2351833aa9e6f1575c3ac21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-ae2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/reusable-blocks/ 522 B
416 B 161ms
157ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 06:25:33 GMT
server: nginx
etag: W/"61f0e95d-20a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.malcare.com/wp-includes/css/dist/editor/ 20 KB
4 KB 161ms
157ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/css/dist/editor/style.min.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 4abb7aa5439849a3cddb4085a9c39b6ef0a54da587c675c4cb4e9887974e5642

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-4fac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 404 blocks.style.build.css
www.malcare.com/wp-content/plugins/block-slider/dist-free/ 0
0 556ms
552ms Stylesheet
text/html 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/block-slider/dist-free/blocks.style.build.css
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.malcare.com/wp-json/>; rel="https://api.w.org/"
x-ua-compatible: IE=edge

GET
H2 200 blocks.style.build.css
www.malcare.com/wp-content/plugins/kioken-blocks/dist/ 165 KB
20 KB 161ms
158ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/blocks.style.build.css?ver=1.3.9
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 5e8451b11024c29e6f0d616c7078888132cf13f2b9f643cb9ab6f16225fb82f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:09:08 GMT
server: nginx
etag: W/"614c3624-294b5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 index.css
www.malcare.com/wp-content/plugins/accordion-blocks/build/ 1 KB
746 B 189ms
186ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/accordion-blocks/build/index.css?ver=1.3.5
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 9aa24e56388ed458a18fc35ea6179e768f8074c4cc00e4b129bb608da64ef019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:28:40 GMT
server: nginx
etag: W/"614c2ca8-5ab"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 styles.css
www.malcare.com/wp-content/plugins/better-click-to-tweet/assets/css/ 2 KB
768 B 189ms
186ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/better-click-to-tweet/assets/css/styles.css?ver=3.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:13:36 GMT
server: nginx
etag: W/"614c3730-809"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 socialsnap.css
www.malcare.com/wp-content/plugins/socialsnap/assets/css/ 67 KB
8 KB 191ms
188ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/socialsnap/assets/css/socialsnap.css?ver=1.1.16
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:32:24 GMT
server: nginx
etag: W/"614c2d88-10bfa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 pagenavi-css.css
www.malcare.com/wp-content/plugins/wp-pagenavi/ 374 B
399 B 191ms
188ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:42:48 GMT
server: nginx
etag: W/"614c2ff8-176"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 widget-areas.min.css
www.malcare.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
855 B 191ms
188ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.0.2
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:50:52 GMT
server: nginx
etag: W/"614c31dc-d1e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 main.min.css
www.malcare.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 191ms
189ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 344ddf0d6056897c3f372babdcd25b8ebd575e42c48abd8537fe410b3ae31ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:12:45 GMT
server: nginx
etag: W/"614c36fd-4b80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.malcare.com/wp-content/themes/wpremote/ 14 KB
4 KB 192ms
189ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/style.css?ver=1636442238
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: d5f8abdb31f82b34a29f24f096718328b7a2339a8968472a9458c949d2e81695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 07:17:18 GMT
server: nginx
etag: W/"618a207e-3702"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-public.css
www.malcare.com/wp-content/plugins/sassy-social-share/public/css/ 36 KB
10 KB 200ms
198ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.25
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 06:11:30 GMT
server: nginx
etag: W/"6178ed92-8ff4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-default-svg-horizontal.css
www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/ 115 KB
32 KB 219ms
217ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-default-svg-horizontal.css?ver=3.3.25
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 5415caccc5fb8dba5d23e4fbbce03b240a51dd8182b4e510dc109c647a3cd843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 06:11:47 GMT
server: nginx
etag: W/"6178eda3-1cca1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-hover-svg-horizontal.css
www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/ 117 KB
32 KB 250ms
248ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-hover-svg-horizontal.css?ver=3.3.25
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: dd55038ce7e52ae5bc5793164c1fb0c82e3f0e2440329f6be3640dad81473356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 06:11:47 GMT
server: nginx
etag: W/"6178eda3-1d3df"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-svg.css
www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/ 111 KB
35 KB 279ms
278ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.25
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 06:11:30 GMT
server: nginx
etag: W/"6178ed92-1baf8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 tablepress-combined.min.css
www.malcare.com/wp-content/ 6 KB
3 KB 283ms
281ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/tablepress-combined.min.css?ver=14
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: dfbfabb2c803e0b3a45ae00f1b7df4aeefe5a9edf1bf80ad9d1dfa463bed3040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 09:47:16 GMT
server: nginx
etag: W/"619e0a24-16ed"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 normalize.css
www.malcare.com/wp-content/themes/wpremote/assets/css/ 8 KB
3 KB 283ms
281ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/css/normalize.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 37743dc1ed092a174e95bd76c66f1a2e332d491882f1091627388cb7e490ca1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:10:21 GMT
server: nginx
etag: W/"614c366d-1e5b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 webflow.css
www.malcare.com/wp-content/themes/wpremote/assets/css/ 38 KB
9 KB 290ms
288ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/css/webflow.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: ac06f9b1363a943d1f00c4c2226a53f010622487bdea8b2ced2ccefeb336323a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:01:06 GMT
server: nginx
etag: W/"614c3442-98c4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 wp-remote.webflow.css
www.malcare.com/wp-content/themes/wpremote/assets/css/ 268 KB
26 KB 324ms
322ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/css/wp-remote.webflow.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: e14330bf22e4bb1192f29369dad8c6916e6fc5f3aec220f862456a105b0c552f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:34:35 GMT
server: nginx
etag: W/"614c2e0b-42efd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 mailin-front.css
www.malcare.com/wp-content/plugins/mailin/css/ 3 KB
909 B 325ms
323ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/mailin/css/mailin-front.css?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 12:27:30 GMT
server: nginx
etag: W/"620e3f32-a79"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www.malcare.com/wp-includes/js/jquery/ 87 KB
30 KB 338ms
337ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 21:21:23 GMT
server: nginx
etag: W/"6109b353-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
www.malcare.com/wp-includes/js/jquery/ 11 KB
4 KB 345ms
343ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 21:21:23 GMT
server: nginx
etag: W/"6109b353-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 11 KB
4 KB 38ms
10ms Script
text/javascript 18.66.248.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 14:47:17 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 09:38:20 GMT
server: AmazonS3
age: 68635
etag: W/"3a5177f5482ab61da6a0eb7587446403"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: lcL0UutLCwaU4Xvtw8B4sL2iUNGEzfy7PEAQo6vtk2TuCUtIV0BxOw==

GET
H2 200 amplitude.js Show response
www.malcare.com/wp-content/plugins/wp_script_loader/js/ 2 KB
1 KB 345ms
344ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/wp_script_loader/js/amplitude.js?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: b0186a72bcf7ef32610a7b7a8c25b2c20d4c3a4cdf85c37e878aef6bf018fc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:48:15 GMT
server: nginx
etag: W/"621debdf-8fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 pricing.js Show response
www.malcare.com/wp-content/plugins/wp_script_loader/js/ 3 KB
1 KB 345ms
344ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/wp_script_loader/js/pricing.js?v=2.4&ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 9c10cb45c49a7942b3f9f4b59317b8d20a301603767ff94141c5e8d4c8e1b704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 07:14:19 GMT
server: nginx
etag: W/"6215decb-df4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 affpix.js Show response
www.malcare.com/wp-content/plugins/wp_script_loader/js/ 350 B
431 B 346ms
344ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/wp_script_loader/js/affpix.js?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 641e04b5719e99455a7e32ee34fab860209cbb9f1041a53f4f75217d57388565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:50:57 GMT
server: nginx
etag: W/"621dec81-15e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 mailin-front.js Show response
www.malcare.com/wp-content/plugins/mailin/js/ 12 KB
3 KB 346ms
345ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/mailin/js/mailin-front.js?ver=1645100850
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: d8469ad6e03ba1a6c2c9fee151001c818233baff45efada0b93f6d864c21dbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 12:27:30 GMT
server: nginx
etag: W/"620e3f32-2fe7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 1076390.css
www.malcare.com/wp-content/uploads/custom-css-js/ 4 KB
1 KB 346ms
345ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/uploads/custom-css-js/1076390.css?v=9433
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 22ba628d4afe29b141ab2f48e06a0f2b813359eaeec7e0b87f7e65dbafe61126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 11:30:58 GMT
server: nginx
etag: W/"619f73f2-111c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
10 KB 64ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1697950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEfHaeB%2Fk6zKL95S982WOss%2Bzjdw6ovF1rwJR8bsj6fP3KPyFh3YkYDy6QOK3qtbQYHK87Z%2F8ClLNpmJvVa5A2S25xQdB1RsAk53rCF0Aaj%2FjwwVr32r2A9cARrHYhB0jvXrO%2B1Yllaq3IbSTESugYKb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71787cdefd7e9b5d-FRA
expires: Sun, 28 May 2023 09:51:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 140ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-703964467

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b40d31072ce6553358f2bd8a90da92c13f45841dd79ffc681b721a1c97cbd5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43209
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jun 2022 09:51:11 GMT

GET
H2

200

malcare-white-logo.svg
www.malcare.com/wp-content/themes/wpremote/assets/images/
Redirect Chain

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg
https://www.malcare.com/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg

13 KB
4 KB

95ms
95ms

Image
image/svg+xml

64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 325077f3aa4112f63deba923253aef4868bf2f03eec6fd9452c2a63b6201e561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:52:43 GMT
server: nginx
etag: W/"614c324b-3460"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

Redirect headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/03/2022 08:21:35
cdn-pullzone: 749233
content-length: 154
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 302
content-type: text/html
location: https://www.malcare.com/wp-content/themes/wpremote/assets/images/malcare-white-logo.svg
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cdn-requestid: 2c1fc69c0a6d720edbb48c1ddabe8fcc
cdn-requestcountrycode: DE
cdn-cache: HIT
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

icon-menu.svg
www.malcare.com/wp-content/themes/wpremote/assets/images/
Redirect Chain

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/icon-menu.svg
https://www.malcare.com/wp-content/themes/wpremote/assets/images/icon-menu.svg

408 B
341 B

95ms
94ms

Image
image/svg+xml

64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/images/icon-menu.svg
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 6f6b157bb8a0accd0bbb8868450e4609ca7b841b4f05f7992f405532d6df335b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:09:31 GMT
server: nginx
etag: W/"614c363b-198"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

Redirect headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 05/14/2022 07:02:59
cdn-pullzone: 749233
content-length: 154
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 302
content-type: text/html
location: https://www.malcare.com/wp-content/themes/wpremote/assets/images/icon-menu.svg
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cdn-requestid: 5b71fece64d7db18f479603a6696ee66
cdn-requestcountrycode: DE
cdn-cache: HIT
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 1024007295079549 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1024007295079549?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e08850bb386b512144dda1270bbe145096f895a31c038807ba5e4812d88117af

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88831
x-xss-protection: 0
pragma: public
x-fb-debug: qobS22MRs7daBX9Sw6eKzi2y4CwNdYQw1thfqzqXArtVrRHslwDrpUbkDUIKfL/QiGr+WrKd4oriqBoS98Bo9w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Jun 2022 09:51:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 so-css-generatepress.css
www.malcare.com/wp-content/uploads/so-css/ 620 B
489 B 94ms
94ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/uploads/so-css/so-css-generatepress.css?ver=1633086376
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: aef346529b70c79840209a23f804f951d2fd23cf430d19b04c53bdc86416c4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 11:06:16 GMT
server: nginx
etag: W/"6156eba8-26c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 main.min.css
www.malcare.com/wp-content/plugins/luckywp-table-of-contents/front/assets/ 3 KB
908 B 95ms
94ms Stylesheet
text/css 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.css?ver=2.1.4
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:42:00 GMT
server: nginx
etag: W/"614c2fc8-bd5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 404 custom_frontend.js
www.malcare.com/wp-content/plugins/block-slider/dist-free/ 0
0 301ms
301ms Script
text/html 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/block-slider/dist-free/custom_frontend.js
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.malcare.com/wp-json/>; rel="https://api.w.org/"
x-ua-compatible: IE=edge

GET
H2 200 core.min.js Show response
www.malcare.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 96ms
96ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-50eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 datepicker.min.js Show response
www.malcare.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 99ms
94ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 06:26:18 GMT
server: nginx
etag: W/"628dcc0a-8f87"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 swiper.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/ 125 KB
33 KB 108ms
102ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/swiper.min.js?ver=4.5.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 60ea65c5df7567e92d3045440207c416bbf29a32a4274bcc38003f74ee18ba4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:29:30 GMT
server: nginx
etag: W/"614c2cda-1f397"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 anime.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/ 17 KB
7 KB 111ms
106ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/anime.min.js?ver=3.1.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:38:55 GMT
server: nginx
etag: W/"614c2f0f-4377"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 ScrollMagic.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/scrollmagic/ 17 KB
6 KB 112ms
107ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/scrollmagic/ScrollMagic.min.js?ver=2.0.7
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:57:16 GMT
server: nginx
etag: W/"614c335c-4416"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 animation.anime.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/ 750 B
563 B 113ms
108ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/animation.anime.min.js?ver=1.0.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 70623b1280dea25e9785ed60ce0ae8f398cf454878ee8bd3838bfce991fe5285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:34:15 GMT
server: nginx
etag: W/"614c2df7-2ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jarallax.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/jarallax/dist/ 15 KB
5 KB 114ms
109ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/jarallax/dist/jarallax.min.js?ver=1.12.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: a9e934f6ab1a45cf0e4cb01a607ad712bbde00573b82170eee5650aaf5038915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:46:41 GMT
server: nginx
etag: W/"614c30e1-3c7c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jarallax-video.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/jarallax/dist/ 17 KB
5 KB 116ms
111ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/jarallax/dist/jarallax-video.min.js?ver=1.10.7
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 95225801348e0cfbd9f7fcdd1bfe7c05b639f2747e51a8fc33e9457ad8242dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:56:56 GMT
server: nginx
etag: W/"614c3348-4245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 ResizeObserver.global.min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/resize-observer-polyfill/ 8 KB
3 KB 120ms
116ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/vendor/resize-observer-polyfill/ResizeObserver.global.min.js?ver=1.5.0
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 82c2f34fce10d76fe1ab747c69923e544f6c94dc497446dd556dc7e866abcc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:47:35 GMT
server: nginx
etag: W/"614c3117-1e41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 kiokenblocks-min.js Show response
www.malcare.com/wp-content/plugins/kioken-blocks/dist/js/ 32 KB
8 KB 122ms
117ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/kioken-blocks/dist/js/kiokenblocks-min.js?ver=1.3.9
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: bac7243051a702289aacfeb92111a3d2683ef504ad4916baae68e0eb61f49a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:32:47 GMT
server: nginx
etag: W/"614c2d9f-8136"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 accordion-blocks.min.js Show response
www.malcare.com/wp-content/plugins/accordion-blocks/js/ 3 KB
1 KB 122ms
117ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/accordion-blocks/js/accordion-blocks.min.js?ver=1.3.5
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:57:16 GMT
server: nginx
etag: W/"614c335c-a2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend.js Show response
www.malcare.com/wp-content/plugins/link-whisper-premium/js/ 9 KB
3 KB 122ms
118ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1650876194
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 2b097154b541eccff5cad8e46948eea5cd7effa7cb61c534b1443c253c3ca2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 08:43:14 GMT
server: nginx
etag: W/"62665f22-25c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 socialsnap.js Show response
www.malcare.com/wp-content/plugins/socialsnap/assets/js/ 13 KB
4 KB 123ms
118ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/socialsnap/assets/js/socialsnap.js?ver=1.1.16
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: ccfee5e52ffcd8114f8f020db2175d6b70c6001fc354addced4f0691b2cf3d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:03:26 GMT
server: nginx
etag: W/"614c34ce-32d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 main.min.js Show response
www.malcare.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 123ms
119ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:51:45 GMT
server: nginx
etag: W/"614c3211-1c98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
www.malcare.com/wp-content/plugins/thrive-leads/thrive-dashboard/js/dist/ 3 KB
1 KB 123ms
119ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/thrive-leads/thrive-dashboard/js/dist/frontend.min.js?ver=2.9
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:55:57 GMT
server: nginx
etag: W/"614c330d-b69"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-public.js Show response
www.malcare.com/wp-content/plugins/sassy-social-share/public/js/ 43 KB
11 KB 126ms
122ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.25
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 04e107d701fdd6867cb72ba7ceaf313bd068ae7959ec429cab8449d96c30beff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 06:11:30 GMT
server: nginx
etag: W/"6178ed92-ac76"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 detectmobilebrowser.js Show response
www.malcare.com/wp-content/plugins/mystickysidebar/js/ 2 KB
2 KB 170ms
166ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/mystickysidebar/js/detectmobilebrowser.js?ver=1.2.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: f6072019ba53a652c426b2621fb6e94a4cbc3fba6f5c0a7106a1960156e2e83f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:48:36 GMT
server: nginx
etag: W/"614c3154-8a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 theia-sticky-sidebar.js Show response
www.malcare.com/wp-content/plugins/mystickysidebar/js/ 17 KB
4 KB 170ms
167ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/mystickysidebar/js/theia-sticky-sidebar.js?ver=1.2.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 1703069345adf5d12f98c3fc3f1b3b962f7166997840cea53ac0df14208ee51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:08 GMT
server: nginx
etag: W/"614c33cc-4455"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 40ms
9ms Script
application/javascript 13.225.84.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=600c51b7eba1465e7f6daa06&ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 05:07:53 GMT
content-encoding: gzip
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 19458
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Tq3JF6D1nZfbYXWda9o5DGSoW1G3izMD1Kpr0cbYNMstObMo96d_Qg==

GET
H2 200 webflow.js Show response
www.malcare.com/wp-content/themes/wpremote/assets/js/ 43 KB
13 KB 172ms
169ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/js/webflow.js?ver=5.9.3
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: b23b45fbc35202e27d6331dda72c05480b16f6adc89584cee2cd31fca7d1fd40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:37:56 GMT
server: nginx
etag: W/"614c2ed4-aaa0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 main.min.js Show response
www.malcare.com/wp-content/plugins/luckywp-table-of-contents/front/assets/ 4 KB
2 KB 173ms
170ms Script
application/javascript 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/blog/wordpress-hacked-redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:58:35 GMT
server: nginx
etag: W/"614c33ab-e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 52m48ugl3d Show response
www.clarity.ms/tag/ 1 KB
2 KB 173ms
112ms Script
application/x-javascript 2620:1ec:27::cafe:1824
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/52m48ugl3d?ref=wordpress
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1824 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 4015b7c5d70fba675f3c74b8d14e60484c2a5709425c2b77dc39d2a76d45c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
x-powered-by: ASP.NET
x-azure-ref: 0jx+fYgAAAAATx09hLJEtRJWEQxHTE1E/UFJHMDFFREdFMDYxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 86ms
48ms Script
text/javascript 2606:4700:4400::ac40:996f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/sa.js?key=5lyhedpg07wo96izu8dry2j6

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1304
x-powered-by: Sails <sailsjs.com>
x-xss-protection: 1
x-sib-server: SENDINBLUE-web2-3
cf-bgj: minify
server: cloudflare
etag: W/"29a2-gRmwV3XPXh5L7NMphJcvqKdlvX8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-polished: origSize=10658
cf-ray: 71787ce288526983-FRA
expires: Tue, 07 Jun 2022 13:51:11 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 136ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 483970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:01 GMT

GET
H2

200

dropdown-arrow-black.svg
www.malcare.com/wp-content/themes/wpremote/assets/images/
Redirect Chain

https://www0f38.b-cdn.net/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg
https://www.malcare.com/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg

175 B
327 B

95ms
95ms

Image
image/svg+xml

64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 9ae9ad5edded5a9585ffcf733c18929868b964ba927983b89b5ab62744152813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:15:53 GMT
server: nginx
etag: W/"614c37b9-af"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

Redirect headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/03/2022 08:21:35
cdn-pullzone: 749233
content-length: 154
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 302
content-type: text/html
location: https://www.malcare.com/wp-content/themes/wpremote/assets/images/dropdown-arrow-black.svg
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cdn-requestid: a0a6360bc52a7ff349c685e224e84f21
cdn-requestcountrycode: DE
cdn-cache: HIT
cdn-status: 302
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a72b40cab80d207f6b7e087f03a6d86c100028b694352a5e937cee8083f149a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 685 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c8ea9766d350cc3b7f100da44dc7d247c2ed83093cf016ae40cad27ca43af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 751 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e711aacb5fdf99673f75dba5376d1e21edd31b36df1d916ffe9221701421775a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 339 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06468867329ad335b5dcbe2ad8e8870155f089e89fb9529982ed16981e904aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 132ms
75ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 483970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:01 GMT

GET
H2 200 -F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
fonts.gstatic.com/s/ibmplexmono/v12/ 13 KB
14 KB 97ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexmono/v12/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35119f009978d34825a2c5de94294bde9bca2f932298b5dd7451302b7ee1a1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:03:39 GMT
x-content-type-options: nosniff
age: 575252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13656
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 18:03:39 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 162ms
106ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 483971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:00 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 155ms
99ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:13 GMT
x-content-type-options: nosniff
age: 483958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:13 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 138ms
82ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:27:48 GMT
x-content-type-options: nosniff
age: 483803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8504
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:30:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:27:48 GMT

GET
H2 200 -F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v12/ 14 KB
14 KB 144ms
89ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexmono/v12/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3081f8324018aabea6799ce710d1dd62989fe1fb95ebe8e3ea76906c8e9ee35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:04:26 GMT
x-content-type-options: nosniff
age: 575205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14604
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:53:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 18:04:26 GMT

GET
H2 200 SpaceGrotesk-Bold.woff2
www.malcare.com/wp-content/themes/wpremote/assets/fonts/ 34 KB
34 KB 136ms
136ms Font
application/font-woff2 64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malcare.com/wp-content/themes/wpremote/assets/fonts/SpaceGrotesk-Bold.woff2
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/wp-content/themes/wpremote/assets/css/wp-remote.webflow.css?ver=5.9.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 2f88bd4ecd4244c6dce04eee19c6fe471bc29a6fdcfc5d190aba1eeab2ec212a

Request headers

Referer: https://www.malcare.com/wp-content/themes/wpremote/assets/css/wp-remote.webflow.css?ver=5.9.3
Origin: https://www.malcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
last-modified: Thu, 23 Sep 2021 07:51:20 GMT
server: nginx
etag: "614c31f8-8738"
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34616

GET
H2

200

WordPress-Hacked-Redirect.png
www.malcare.com/wp-content/uploads/2019/02/
Redirect Chain

https://www0f38.b-cdn.net/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png
https://www.malcare.com/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png

26 KB
26 KB

96ms
95ms

Image
image/png

64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 71ab6e6aa5f1a68ede54856970b1d7e4c65bfd997172bd92e3a51c0f0ec8ba84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
last-modified: Thu, 23 Sep 2021 07:48:40 GMT
server: nginx
etag: "614c3158-6932"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26930

Redirect headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/03/2022 13:34:03
cdn-pullzone: 749233
content-length: 154
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 302
content-type: text/html
location: https://www.malcare.com/wp-content/uploads/2019/02/WordPress-Hacked-Redirect.png
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cdn-requestid: bad1a49514427a86831f5b24a4acbf9c
cdn-requestcountrycode: DE
cdn-cache: HIT
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 Screenshot-2021-03-30-at-15.21.55-1024x422.png
www0f38.b-cdn.net/wp-content/uploads/2021/03/ 105 KB
105 KB 8ms
8ms Image
image/png 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www0f38.b-cdn.net/wp-content/uploads/2021/03/Screenshot-2021-03-30-at-15.21.55-1024x422.png
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 7f33a3574451ba7144672513afd122b508797dbf16aa59ff565e8a0a0108b775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 05/02/2022 10:26:32
cdn-pullzone: 749233
content-length: 107111
server: BunnyCDN-DE1-832
last-modified: Mon, 04 Apr 2022 08:32:47 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "624aad2f-1a267"
content-type: image/png
cdn-cache: HIT
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cache-control: public, max-age=2592000
cdn-requestid: 67421319e1ee0863fb5751696bba1eeb
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

wordpress-hacked-redirect-malware-symptoms-2.png
www.malcare.com/wp-content/uploads/2021/08/
Redirect Chain

https://www0f38.b-cdn.net/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png
https://www.malcare.com/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png

34 KB
34 KB

95ms
94ms

Image
image/png

64.227.7.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malcare.com/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/
Protocol: H2
Server: 64.227.7.169 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 636807.cloudwaysapps.com
Software: nginx /
Resource Hash: 8889f9df9e70d68e6871016dee9dc3bebbbcf2276c97d9b706a9d72c4f9286c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
last-modified: Thu, 23 Sep 2021 08:15:20 GMT
server: nginx
etag: "614c3798-8908"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35080

Redirect headers

date: Tue, 07 Jun 2022 09:51:11 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/01/2022 09:29:30
cdn-pullzone: 749233
content-length: 154
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 302
content-type: text/html
location: https://www.malcare.com/wp-content/uploads/2021/08/wordpress-hacked-redirect-malware-symptoms-2.png
cdn-uid: 01387614-f9e8-4427-84d8-770250b47ece
cdn-requestid: bb8c1b2d8ad3163e68259306788185d1
cdn-requestcountrycode: DE
cdn-cache: HIT
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 31ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1024007295079549&ev=PageView&dl=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&rl=&if=false&ts=1654595471839&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654595471837.1637983975&it=1654595471188&coo=false&exp=p0&rqm=GET

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 07 Jun 2022 09:51:11 GMT

GET
H2 200 cm.html Show response
sibautomation.com/ Frame EF25 3 KB
2 KB 25ms
25ms Document
text/html 2606:4700:4400::ac40:996f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?key=5lyhedpg07wo96izu8dry2j6

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5lyhedpg07wo96izu8dry2j6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

60dbe8eaf69ff82e86951f9ef5190326994240464dd1a192af07b121dd5a51bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.malcare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 20575
cache-control: public, max-age=7200
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 71787ce339c76983-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Jun 2022 09:51:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 07 Jun 2022 11:51:11 GMT
last-modified: Tue, 07 Jun 2022 04:08:16 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Sails <sailsjs.com>
x-sib-server: SENDINBLUE-web1-2
x-xss-protection: 1

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame EF25 14 KB
5 KB 85ms
51ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=5lyhedpg07wo96izu8dry2j6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://sibautomation.com/
Origin: https://sibautomation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 71787ce3ff539b8e-FRA

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.34/ 53 KB
23 KB 112ms
112ms Script
application/javascript 2620:1ec:27::cafe:1824
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/52m48ugl3d?ref=wordpress
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1824 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:11 GMT
content-encoding: br
etag: "1d8778699f9e854"
last-modified: Fri, 03 Jun 2022 20:15:00 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0jx+fYgAAAAAjZCt35poCR45r1jWX0L4hUFJHMDFFREdFMDYxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 204 cm Show response
in-automate.sendinblue.com/ Frame EF25 0
203 B 112ms
78ms XHR
text/plain 2606:4700::6811:90c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/cm?uuid=be66a984-a8e9-4660-af42-ce6b658f1b10&key=5lyhedpg07wo96izu8dry2j6&cuid=6aa5ef8f-1d3d-4973-a011-c3d16f6fcdd9
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=5lyhedpg07wo96izu8dry2j6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 71787ce40d4e9078-FRA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 158ms
59ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-703964467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:51:12 GMT

GET
H2 200 amplitude-4.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
23 KB 47ms
9ms Script
application/javascript 13.224.194.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/wp-content/plugins/wp_script_loader/js/amplitude.js?ver=5.9.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 19:00:15 GMT
content-encoding: gzip
age: 13704658
x-cache: Hit from cloudfront
content-length: 23404
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "addb3457c5f65c867ae2be9606542893"
x-amz-version-id: 2PesFonHu677Rw5PZ53UUToyHVzesxrU
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: urhUr-OgmKL1xfNEMTuwUY5S5aL8F-4fp-1JWSuZIN4RrQD21M7o-Q==

GET
H/1.1 200
OK affpix.js Show response
app.blogvault.net/assets/ 923 B
879 B 54ms
17ms Script
application/javascript 78.46.195.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.blogvault.net/assets/affpix.js
Requested by: Host: www.malcare.com
URL: https://www.malcare.com/wp-content/plugins/wp_script_loader/js/affpix.js?ver=5.9.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.195.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.195.46.78.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1542af552f0720b6d61b8648a4331b7769182f00e749f5f87e94b5a3d5a03427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Runtime: 0.001876
Date: Tue, 07 Jun 2022 09:51:12 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"1542af552f0720b6d61b8648a4331b7769182f00e749f5f87e94b5a3d5a03427"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: ca115c2c-e053-4d96-ab5c-e6a99ca2061a

POST
H2 200 rum Show response
sibautomation.com/cdn-cgi/ Frame EF25 0
81 B 18ms
17ms XHR
text/plain 2606:4700:4400::ac40:996f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sibautomation.com/cm.html?key=5lyhedpg07wo96izu8dry2j6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 71787ce45be96983-FRA
x-frame-options: DENY

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 532ms
173ms XHR
text/html 54.69.55.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.55.17 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-55-17.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Jun 2022 09:51:12 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 986
date: Tue, 07 Jun 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Jun 2022 11:34:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/703964467/ 2 KB
2 KB 129ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/703964467/?random=1654595472152&cv=9&fst=1654595472152&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&tiba=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

653b8f46ab48136b0fd3f4bc345bfa3176d38ee87007789f04410832e6ab86bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
175 B 489ms
290ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.malcare.com
date: Tue, 07 Jun 2022 09:51:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 204 p Show response
in-automate.sendinblue.com/ 0
36 B 73ms
73ms XHR
text/plain 2606:4700::6811:90c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/p?key=5lyhedpg07wo96izu8dry2j6&cuid=6aa5ef8f-1d3d-4973-a011-c3d16f6fcdd9&ma_url=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&sib_type=page&ma_title=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&sib_name=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&ma_referrer=&ma_path=%2Fblog%2Fwordpress-hacked-redirect%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5lyhedpg07wo96izu8dry2j6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 71787ce5981f9078-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/703964467/ 42 B
548 B 137ms
51ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/703964467/?random=1654595472152&cv=9&fst=1654592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&tiba=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&async=1&fmt=3&is_vtc=1&random=2606150346&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/703964467/ 42 B
548 B 136ms
50ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/703964467/?random=1654595472152&cv=9&fst=1654592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&tiba=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&async=1&fmt=3&is_vtc=1&random=2606150346&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 132ms
53ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-592FKPF&cid=1704951691.1654595472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e8d0f0da894de0b63dcaf04f0845502bccad3b15e31c7471000888fc14cf50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:51:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38704
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jun 2022 09:51:12 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 64CE 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.malcare.com
Referer: https://www.malcare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.malcare.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 09:51:12 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&RedC=c.clarity.ms&MXFR=15D2A1EC9867662E0281B0509C67687E
https://c.clarity.ms/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&MUID=05E5215F60316452168C30E3615A6535

42 B
390 B

27ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&MUID=05E5215F60316452168C30E3615A6535
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0059B9A5212474799B87D8BCFCB3EA3 Ref B: FRAEDGE1411 Ref C: 2022-06-07T09:51:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=D1A64609511E4890A835E4EEE3EF5DFC&MUID=05E5215F60316452168C30E3615A6535
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 46ms
45ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=699283831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malcare.com%2Fblog%2Fwordpress-hacked-redirect%2F&ul=en-us&de=UTF-8&dt=%5BSolved%5D%20WordPress%20Redirect%20Hack%20Malware%20-%202022%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEADRAAAAC~&jid=733361279&gjid=1425522382&cid=1704951691.1654595472&tid=UA-643559-9&_gid=2010624331.1654595472&_r=1&_slc=1&z=1060024046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malcare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-643559-9&cid=1704951691.1654595472&jid=733361279&gjid=1425522382&_gid=2010624331.1654595472&_u=KGBACEACRAAAAC~&z=1921136923

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Jun 2022 09:51:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.malcare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 158ms
75ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-643559-9&cid=1704951691.1654595472&jid=733361279&_u=KGBACEACRAAAAC~&z=296535408

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 156ms
75ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-643559-9&cid=1704951691.1654595472&jid=733361279&_u=KGBACEACRAAAAC~&z=296535408

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 09:51:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.malcare.com
date: Tue, 07 Jun 2022 09:51:12 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 6a4zd4drxi2e.js Show response
js.driftt.com/include/1654595700000/ 232 KB
66 KB 178ms
136ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1654595700000/6a4zd4drxi2e.js

Requested by

Host: www.malcare.com
URL: https://www.malcare.com/blog/wordpress-hacked-redirect/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0c0e51a6dd50a49e6e78ef7a72e722ded7067bf343502bd1d957979d62276403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malcare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: qr0nVG8PpXQ99gGHm4IIxSWqkktINQ78
content-encoding: gzip
etag: W/"d1a911c563c823e797c2e2a350ec2ba9"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:46:25 GMT
server: nginx
date: Tue, 07 Jun 2022 09:51:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QcIDExiIH1429ikjLgKzCExb_iNN9KJPlB0wu2k7bhUzbfz4rBHe4g==

GET
H2 200 core Show response
js.driftt.com/ Frame 16C9 2 KB
1 KB 304ms
304ms Document
text/html 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654595700000/6a4zd4drxi2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ee12e41b862f305fabc249aaaea68c41613dac9685ee4cdcdb79280b49c96ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malcare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Jun 2022 09:51:14 GMT
etag: W/"cf5f6587396fc06b93d388853e078689"
last-modified: Thu, 02 Jun 2022 14:46:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-id: f_d6ExhSMN9ZNDeVwjZVsrjUYZR_DwnsoCqp9tGYCEf_WjEvf6p85w==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 8Z6lIpsMfd9wSMnfBmAY.lzvgg5csKMO
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame BDD1 2 KB
1 KB 115ms
115ms Document
text/html 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654595700000/6a4zd4drxi2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ee12e41b862f305fabc249aaaea68c41613dac9685ee4cdcdb79280b49c96ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malcare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Jun 2022 09:51:13 GMT
etag: W/"cf5f6587396fc06b93d388853e078689"
last-modified: Thu, 02 Jun 2022 14:46:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-id: _8DPWQl3XaGK9ZDYlEReVeFpAGqZ91-3_apen6Au8-uGRRFOkPcMdg==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 8Z6lIpsMfd9wSMnfBmAY.lzvgg5csKMO
x-cache: RefreshHit from cloudfront

GET
H2 200 runtime~main.e599a21e.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 6 KB
3 KB 8ms
7ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6b3c450e5b8f5cb79a624242aec4509f3d8eca253c498b0d04193adb70e1d74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 14:46:15 GMT
content-encoding: gzip
age: 414299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:16:28 GMT
server: nginx
etag: W/"73df1f645b86319ca39b587ae84d39ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: r5YVzo01wVt4IiHVpJH.RTHjRLq9TJsz
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CF7bIqbkIuq-WLkLqnG9in9KBDEBzcKmvk0o6ep7svrySkhbZSrG7A==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 58 KB
20 KB 9ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 3922070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h3TSPesJ0MJvD9XUWfWhvPxJJedXDF9qzrvjMKK4yZc2V5rUcoFmpg==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 6 KB
3 KB 9ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1698844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jv9hqW7m9Em8toKzsqFdBqy5efKVVBs_GAM9IGK7FI3bqNE1AwPhiA==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 47 KB
14 KB 9ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4964500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g5Ciu_0l9m8rjyow1hlUfHaLqhLGOMARRsoSMH-WAK-_XL9MNlverw==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 44 KB
13 KB 9ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 3669348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mP75xIYcgRU5EwlMe8fZmcUtygeC6WOl8b3X0io8opWkmacPGs0ocA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 25 KB
8 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 5471060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cq6agw9idKDk-1-PztQO7XOs1LttSWQclrlGWVP-IblMM4O5lYfM7g==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 16 KB
5 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 13283852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sDkvSR3EhczvImf3L_2nGyvK-RYuo1bbTX3_0_DCPl0PTueqMLPqIw==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 72 KB
22 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 5471060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wu-GA-k7okDIPuRWeWSKfwJknCNhJj1dfB2fA2zgQjQ3s_uMcmkhbQ==

GET
H2 200 34.4825f131.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 11 KB
5 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.4825f131.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 937615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:06 GMT
server: nginx
etag: W/"b7eb750a2537cbe3b711904b767cfc8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1Q8Tn3bLtqIW1U1a6zoXf15.CuFwocex
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -YKSvzAU4vlwNoa8r1foBKlj7N760mmOtKil6MgikpDzcOU_cv5iXw==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 59 KB
19 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 4566364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fiw0IF3AXvH7GzuOgxviYhPcbuMFpVm2wxiy3sMy6cDx2vfLA3-7qw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 91 KB
28 KB 12ms
11ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CGdERMnNNyDUtYYuBEEtRnrC8HK6dtX58hl3HBNm0GyEB7tROvgKpQ==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 23 KB
7 KB 13ms
12ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 2217298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RNR6IwnFxvMTgZCDxRAnTdODHXHzbjmXmUfXLkMDxeUHiwDd7dfrCA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 62 KB
20 KB 14ms
13ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13283853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4AH1YWZMSQtNBNgOOi4vqmFKPfqwTYw5Z3e7KZOf_Uznw4n96HRmwQ==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 105 KB
34 KB 15ms
14ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4964500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jIEeUm-l029P-TfRGx_5h4-ahMyokFdzrJkhJ7-tn7BRRd5Pt1xozQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 12 KB
4 KB 16ms
15ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 5485128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZbqQMCZO5ZsNepbpTF23If2Z4FONV-J-TCWynyQGnreE8D19RgNF0g==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 12 KB
5 KB 16ms
15ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 4566364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l30y2yIr2w7PnwerVq_nmk7KoqhIVXtrnqes7BzGWd0UxcDGkapx6w==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 17 KB
7 KB 16ms
16ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1698844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3AyuRj6SCqRET8d-HXcA6uZutD10jM7R6i79vv4O7XhU2VlsrFPdZQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 11 KB
3 KB 16ms
15ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fh0Nan2-9zSmDdJBKDDVDc21iiYOeqHvasgCPnErr2qc5nFOuUe0nA==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 70 KB
22 KB 16ms
15ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AalYJ_JT3MxS4wtR3LJ8EnoVERVZvY3jBfV1HTlfJmCPweF2PxtO9g==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 24 B
665 B 17ms
16ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
age: 13283853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BLpYPZp_Fs19sEUGrtPvcW_ek60XQ_k0KYBm1wOuIuMf36UIX8-Llw==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 78 KB
20 KB 17ms
16ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7B0MmWvCEXge4KJHq4bx9yYw9CAgiTrjHG_S5se8lM1-uIiKXYOQUw==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 47 KB
13 KB 17ms
17ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LuLEG5g2W1KnPhdHm584DSQgSQg_LGCa2jJ-emvyyW9KdnOKFp2WbQ==

GET
H2 200 13.a2c6ab28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 40 KB
13 KB 18ms
17ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a2c6ab28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e1e778e15bf75d50527c49a9efc6469f6ddbedbc43428c6d809a453504a396a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 14:46:15 GMT
content-encoding: gzip
age: 414299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:16:25 GMT
server: nginx
etag: W/"e2ba663c7e6c1059b5823d43722a46af"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Rl__iyMeFKy5oliRbhZgGhr88e_EUC0d
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fFOOY2ASbqBicmEwJW-ZSuNFE8-hMGCgRbJmjeosLeKP7qUNjUspzQ==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 3 KB
1 KB 8ms
7ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 5485128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:17 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o4YHS2mkjmPJ8FYb.psnWR.Z9AgjdeMR
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HR15L1iQ6ZkUynEq60mb2Ozi2fIzLugkbV0b0eC0597rUERHGTIHyw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 3 KB
2 KB 8ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:21:23 GMT
content-encoding: gzip
age: 7374590
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 19:39:00 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nKLZ1eCZgJyATnvQHZL81PT0kMSSnbMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JJq8g4ZZsO0blh7yyJnP0DLdESS4HH1UciCyYhMAAL-lFOkP_EfKVg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 9 KB
3 KB 8ms
7ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oK8rceV0FB-BAQZ60btjaUgYRvoYZD7KNZFRG_VWhqM-md9xfQIvag==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 7 KB
2 KB 8ms
8ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140827
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eJJ8iIcGQeeOyHqQZhPH9NjVmZe46DWE
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OTnvyAsPjledstCkjLF9qkPyMFCYGXm3Esh3_awLXgcxI_x0TRWKtw==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 54 KB
16 KB 9ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:30:53 GMT
content-encoding: gzip
age: 5739621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:22 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk3GS24HgDEmPXUslSsjyTbGLAUWg7zo
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uPxUuCxn6S5HgzKk4z_cuYkq8vo6Shgtogu5SiJ1-7lsDBNV-A_39Q==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 43 KB
7 KB 10ms
9ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 3091731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yXITb_cVgX_0spIcO9fT6U-L3lu21QA2fAfpCnsJ1BwZMgyUbtYzYg==

GET
H2 200 1.f298ec7a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 73 KB
25 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.f298ec7a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

be288a41ffdf2321d64b08c841c0bca688111ccd5391b07d1ed945696d08a143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 937615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:04 GMT
server: nginx
etag: W/"d1a9c9ea5357be9b463d43c3d40b1a21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gSWr7DGPKjOvUOObAOXMn_SedMUUGNba
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VHpR0Dy0t-BIi2TZDcePhFuaMCXxC_TjX68uJGK-wQ9i8GLuTVKoZg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame BDD1 12 KB
3 KB 10ms
10ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140827
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pHw9X_j3lnHYAPELEWozrhov_rOIKMZh
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n9hRxa7jaRqVQj3j3aa7rIzIcJ6k3UcalWN_12FuZFVvTAiS5dFiqg==

GET
H2 200 30.b309d6ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BDD1 11 KB
5 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.b309d6ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654595471210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"7dd277950241bcebd0bdbbb7d9cdab6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hKJsDkMxRQ0R_AMuTupCkkz.ZnAAlr5B
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YuQsgPe9lqrD96RGyp9Vm-JBWoxk0EGuH-cCYvwNeLZDrZGEvIgFEg==

GET
H2 200 runtime~main.e599a21e.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 6 KB
3 KB 8ms
7ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6b3c450e5b8f5cb79a624242aec4509f3d8eca253c498b0d04193adb70e1d74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 14:46:15 GMT
content-encoding: gzip
age: 414299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:16:28 GMT
server: nginx
etag: W/"73df1f645b86319ca39b587ae84d39ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: r5YVzo01wVt4IiHVpJH.RTHjRLq9TJsz
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lY9gSheg5J7hRXg-3Cr1ze63UATOm06bNp1kmdSgR8l8l45CX8tgFg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 58 KB
20 KB 9ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 3922070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTNJjTBJjuL542ASJgYZOBjdC0eRb-I_Uuh7Yr_k2gkuiWnl3mJrcA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 6 KB
3 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1698844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SjsPXvy1GHm7Vcttc7FPqr0fP4T7pBGQsi-l0HwpQmSENTpz5O7c6g==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 47 KB
14 KB 8ms
7ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4964500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mZQ82Eh2hX9H207UnbGEy_c0XatWuVwN1D14jYBd9My5YgELDkLv_g==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 44 KB
13 KB 9ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 3669348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zl9WSX_-L-WHAqYVKeKaqJDLbmBsVN_Y6FmR99guY5oXbMMKI739Fw==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 25 KB
8 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 5471060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d4FztdJMWhCUGz_jdSiWDNDGuqQiq5eGmWI6Fg9k9GOKR31uKuyTVQ==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 16 KB
5 KB 10ms
9ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 13283852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UlR72UHH9pTfScD8Lm0nY9znsUehW27qZlVWa_F_lVXrtKL1mAHO7g==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 72 KB
22 KB 10ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 5471060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1DpQ4u-9cdELuOLRUP8agsXCj2uVTWzNNHvxXEIiPL76y8TcE1t7WQ==

GET
H2 200 34.4825f131.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 11 KB
5 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.4825f131.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 937615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:06 GMT
server: nginx
etag: W/"b7eb750a2537cbe3b711904b767cfc8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1Q8Tn3bLtqIW1U1a6zoXf15.CuFwocex
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oRwjKYjwb3SAusff5mY1uolvQ8-Vk7l17ZB_ut1n0icWqPd_tqjCbg==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 59 KB
19 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 4566364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WhKw-jUL_s21rqXOZ3NLdtwNBCGkXIpVjUxEItOfuTWoH8g0IDBNRQ==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 91 KB
28 KB 12ms
11ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 22SJXTGi4lepiDSY2rXmxxVkSsK3tP9r6bR95IpmQgXJHv26Ei6ucA==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 23 KB
7 KB 12ms
11ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 2217298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AgLjEmjAE-zM8LQZNMxzfCkuGuWm1ocCSaMkaV_sTZPA8m7xMSJ3jA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 62 KB
20 KB 12ms
12ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13283853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gv5Rz-ka_ZV8rnk76q0wb-ZxSQkvEkkrJSNbjczn9LxXs5YoFqQSZQ==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 105 KB
34 KB 13ms
13ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4964500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E58uSc266qClTSeAh4WJFJAwKxt6QoSTjREYeD7VuJq0ZXZxeu50GQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 12 KB
4 KB 14ms
13ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 5485128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FW9VHPU_Y-dN3wGHxK7SDYbtO1Ah-dMrS7fWLLhKT77DOsUqNHMVNw==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 12 KB
5 KB 14ms
13ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 4566364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xlrwVpnDkWzow2KK2jAOXT1ybpufPbctMkFYVHrBDOSfZY7jaSz-SQ==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 17 KB
7 KB 15ms
14ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1698844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BH7pVmVmsRepp_dvRna43O5nuXUmAiEgMblCEJChSdFdL2-fA6_Gsg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 16C9 11 KB
3 KB 15ms
14ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G6YhY4KeI41RJZ2Io6RMMIh8oQiSCpsAlY8trAsoUmaP3i4kiIz2Hw==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 70 KB
22 KB 15ms
14ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HzBQkAvucKC56PTberP5z5S184KV9_fj_VSxuccdbf2Cm8g-m-ZuKQ==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 16C9 24 B
667 B 16ms
15ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
age: 13283853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x1PF0pNyAXLjFXKh4qZc-vmkpux9-WIfXvmdvzRu6fyYdVpRPRQMRw==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 78 KB
20 KB 16ms
15ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cRYrwm66eH-e-4HfawLVcJjEuRAPjUYBrIr_4pHn8QaAU-uKqLkCqw==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 47 KB
13 KB 16ms
16ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2YFsjya2jN9yG9Qs-Sh0ETjI5Vmp99iJm8qCWt4eeOxQu4MFwGvsXQ==

GET
H2 200 13.a2c6ab28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 40 KB
13 KB 17ms
16ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a2c6ab28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e1e778e15bf75d50527c49a9efc6469f6ddbedbc43428c6d809a453504a396a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 14:46:15 GMT
content-encoding: gzip
age: 414299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:16:25 GMT
server: nginx
etag: W/"e2ba663c7e6c1059b5823d43722a46af"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Rl__iyMeFKy5oliRbhZgGhr88e_EUC0d
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bp2mGTMeibyuLqTb3A0Wx6THYjDiJCQ5btNd047_PALXI2VcSHWQZw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 9 KB
3 KB 10ms
8ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GSTKrsKaY_TNT3FwRZvsJJCdegE4JQ0U6Yk6H4RMunVMsL0lhsPepA==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 33 KB
10 KB 11ms
10ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 5485128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FX2MBXyA9XzXzFAtEk5uSLoTpkcihkKFGG-zBcKRnFHFoG4HxC4K2w==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 16C9 8 KB
2 KB 10ms
9ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6140828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Yw4dEFczUjGKvjvS8RVZki_SV8inukYJ
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vfu1Ngiik2k5UOmPVcQ6sFqlFqQkNkKyQTlYe3N5MRUYSt2sxStglw==

GET
H2 200 25.b36a979b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 12 KB
5 KB 12ms
11ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b36a979b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 1090131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"bb1fc605abd6c0ba2c1eb7021ba58d04"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SjE9cVAK33cTH9HWQZWwr9_vpF1Vn6tr
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3dKX1xN_bZJJ9H7LcGDS_AuHowHaK4ac7YiN_OrwjFp84XVkju4vrg==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 16C9 365 B
1006 B 11ms
10ms Stylesheet
text/css 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
age: 1698844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kNhupAGCBwJmuS1rKyEdziwqHNS7iSngegojlFda1stukBw1xsIkjA==

GET
H2 200 17.7b994cc5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 16C9 87 KB
24 KB 12ms
12ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.7b994cc5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e599a21e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e2e24bba7214b140e312e089c80452a978a14cb198a2dbb82dd2c20fbf6fcfe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=6a4zd4drxi2e&region=US&forceShow=false&skipCampaigns=false&sessionId=5ee7b292-d956-44a8-a8b8-560f6748d9e9&sessionStarted=1654595473.92&campaignRefreshToken=b14378c9-d1c1-420d-aaa2-1dd1e7900218&hideController=false&pageLoadStartTime=1654595471210&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 14:46:16 GMT
content-encoding: gzip
age: 414298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 14:16:25 GMT
server: nginx
etag: W/"c6056275d03be343b9ffd6b999188234"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .L3U85mY_h3aikeKYsa0xVIU.8h_SsY6
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1wCJ2NX073SAsDkddctaTWfZWeN6thCNBD2gcz79yRqzBvDACcFa6Q==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 16C9 25 B
122 B 115ms
115ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 09:51:14 GMT
server: istio-envoy
requestid: 98801241735fa86
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 333ms
104ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 07 Jun 2022 09:51:14 GMT
requestid: driftf0432744591962c48375384b316
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 16C9 147 B
245 B 102ms
101ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

d2643453044c8627dd5a97466fcce4e8cefe805cd1fb05187150c7629e0939ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 09:51:14 GMT
server: istio-envoy
requestid: 4b36841091ad83b5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 322ms
101ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 07 Jun 2022 09:51:14 GMT
requestid: drift4482aba4badb1941dfba7d11b13
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.malcare.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.malcare.com
date: Tue, 07 Jun 2022 09:51:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 16C9 0
0

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 103ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 07 Jun 2022 09:51:16 GMT
requestid: driftdbe166f4c399d94c2f08b905372
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malcare.com/	1970-01-20 05:46:11	Name: _fbp Value: fb.1.1654595471837.1637983975
.www.malcare.com/	1970-01-20 07:58:07	Name: sib_cuid Value: 6aa5ef8f-1d3d-4973-a011-c3d16f6fcdd9
www.clarity.ms/	1970-01-20 12:22:11	Name: CLID Value: 072094aa23484eb0aeccdcec50fdcfbe.20220607.20230607
sibautomation.com/	1970-01-20 07:58:07	Name: uuid Value: be66a984-a8e9-4660-af42-ce6b658f1b10
.malcare.com/	1970-01-20 05:46:11	Name: _gcl_au Value: 1.1.2144997400.1654595472
.malcare.com/	1970-01-23 19:12:35	Name: amplitude_id_3025946e27773d6c350007b09a075ef3malcare.com Value: eyJkZXZpY2VJZCI6ImZmNWU3ZTdmLTY5MjktNDQ0MC1hODIyLWIwOTM2NTRhZTE3N1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1NDU5NTQ3MjA4MCwibGFzdEV2ZW50VGltZSI6MTY1NDU5NTQ3MjA4MSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.malcare.com/	1970-01-20 12:22:11	Name: _clck Value: 1b4zxbo\|1\|f24\|0
.doubleclick.net/	1970-01-20 03:36:36	Name: test_cookie Value: CheckForPermission
.malcare.com/	1970-01-20 21:07:47	Name: _ga Value: GA1.2.1704951691.1654595472
.malcare.com/	1970-01-20 03:38:01	Name: _gid Value: GA1.2.2010624331.1654595472
.malcare.com/	1970-01-20 03:36:35	Name: _gat Value: 1
.c.bing.com/	1970-01-20 12:58:11	Name: SRM_B Value: 05E5215F60316452168C30E3615A6535
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:58:11	Name: MUID Value: 05E5215F60316452168C30E3615A6535
.c.clarity.ms/	1970-01-20 03:36:36	Name: ANONCHK Value: 0
.malcare.com/	1970-01-20 03:38:01	Name: _clsk Value: 1t5vwyr\|1654595472704\|1\|1\|b.clarity.ms/collect
www.malcare.com/	1970-01-20 03:36:37	Name: drift_campaign_refresh Value: b14378c9-d1c1-420d-aaa2-1dd1e7900218

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.malcare.com/wp-content/plugins/block-slider/dist-free/blocks.style.build.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.malcare.com/wp-content/plugins/block-slider/dist-free/custom_frontend.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
app.blogvault.net
b.clarity.ms
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.amplitude.com
cdnjs.cloudflare.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in-automate.sendinblue.com
js.driftt.com
metrics.api.drift.com
script.tapfiliate.com
sibautomation.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.malcare.com
www0f38.b-cdn.net
metrics.api.drift.com
13.224.194.86
13.224.198.92
13.225.84.17
138.199.37.226
172.217.18.2
18.66.248.37
20.234.93.27
20.75.32.255
2606:4700:4400::ac40:996f
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:4700::6811:90c
2620:1ec:27::cafe:1824
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c0b::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
50.16.7.188
54.147.21.139
54.69.55.17
64.227.7.169
78.46.195.121
0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e107d701fdd6867cb72ba7ceaf313bd068ae7959ec429cab8449d96c30beff
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06468867329ad335b5dcbe2ad8e8870155f089e89fb9529982ed16981e904aa4
078185b582519bb6d5221da1004a005e62ee2112c89e5f565e4e0e4639bddf84
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3
0a72b40cab80d207f6b7e087f03a6d86c100028b694352a5e937cee8083f149a
0af2e758f25422989b034afee970457904e5f266243be629224106d1f542fbee
0c0e51a6dd50a49e6e78ef7a72e722ded7067bf343502bd1d957979d62276403
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e8d0f0da894de0b63dcaf04f0845502bccad3b15e31c7471000888fc14cf50d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1542af552f0720b6d61b8648a4331b7769182f00e749f5f87e94b5a3d5a03427
1703069345adf5d12f98c3fc3f1b3b962f7166997840cea53ac0df14208ee51f
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
22ba628d4afe29b141ab2f48e06a0f2b813359eaeec7e0b87f7e65dbafe61126
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
2b097154b541eccff5cad8e46948eea5cd7effa7cb61c534b1443c253c3ca2eb
2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25
2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
2f88bd4ecd4244c6dce04eee19c6fe471bc29a6fdcfc5d190aba1eeab2ec212a
325077f3aa4112f63deba923253aef4868bf2f03eec6fd9452c2a63b6201e561
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
344ddf0d6056897c3f372babdcd25b8ebd575e42c48abd8537fe410b3ae31ec8
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
35119f009978d34825a2c5de94294bde9bca2f932298b5dd7451302b7ee1a1e0
37743dc1ed092a174e95bd76c66f1a2e332d491882f1091627388cb7e490ca1e
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96
4015b7c5d70fba675f3c74b8d14e60484c2a5709425c2b77dc39d2a76d45c666
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
45a461b3b2925fe977e3a8aa3c718a703ecca88ffd89611a8c6a529a4323fa16
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4abb7aa5439849a3cddb4085a9c39b6ef0a54da587c675c4cb4e9887974e5642
504fe8febfe2539be5a046b02c656ef6dc4df985faefb31b7c047cc6f94651e0
5415caccc5fb8dba5d23e4fbbce03b240a51dd8182b4e510dc109c647a3cd843
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c
5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414
5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e8451b11024c29e6f0d616c7078888132cf13f2b9f643cb9ab6f16225fb82f6
60dbe8eaf69ff82e86951f9ef5190326994240464dd1a192af07b121dd5a51bf
60ea65c5df7567e92d3045440207c416bbf29a32a4274bcc38003f74ee18ba4e
641e04b5719e99455a7e32ee34fab860209cbb9f1041a53f4f75217d57388565
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
653b8f46ab48136b0fd3f4bc345bfa3176d38ee87007789f04410832e6ab86bb
6abba1c5cd542f8f5d4b9561b3315f05ff018a2647f216fbf6ac2002aca567cf
6b3c450e5b8f5cb79a624242aec4509f3d8eca253c498b0d04193adb70e1d74c
6da593bb41278863238449ee446ac7a689c10718f2351833aa9e6f1575c3ac21
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469
6f6b157bb8a0accd0bbb8868450e4609ca7b841b4f05f7992f405532d6df335b
70623b1280dea25e9785ed60ce0ae8f398cf454878ee8bd3838bfce991fe5285
71ab6e6aa5f1a68ede54856970b1d7e4c65bfd997172bd92e3a51c0f0ec8ba84
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f33a3574451ba7144672513afd122b508797dbf16aa59ff565e8a0a0108b775
7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37
82c2f34fce10d76fe1ab747c69923e544f6c94dc497446dd556dc7e866abcc8f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
8889f9df9e70d68e6871016dee9dc3bebbbcf2276c97d9b706a9d72c4f9286c3
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036
95225801348e0cfbd9f7fcdd1bfe7c05b639f2747e51a8fc33e9457ad8242dc7
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603
9aa24e56388ed458a18fc35ea6179e768f8074c4cc00e4b129bb608da64ef019
9ae9ad5edded5a9585ffcf733c18929868b964ba927983b89b5ab62744152813
9c10cb45c49a7942b3f9f4b59317b8d20a301603767ff94141c5e8d4c8e1b704
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a204849a0777563cc401d76d1a8e1ab5c5a6c554d391c0b24493985b4a4f42af
a9e934f6ab1a45cf0e4cb01a607ad712bbde00573b82170eee5650aaf5038915
ac06f9b1363a943d1f00c4c2226a53f010622487bdea8b2ced2ccefeb336323a
ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aef346529b70c79840209a23f804f951d2fd23cf430d19b04c53bdc86416c4ef
b0186a72bcf7ef32610a7b7a8c25b2c20d4c3a4cdf85c37e878aef6bf018fc74
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
b23b45fbc35202e27d6331dda72c05480b16f6adc89584cee2cd31fca7d1fd40
b40d31072ce6553358f2bd8a90da92c13f45841dd79ffc681b721a1c97cbd5dc
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b84ee65602c75ea856b3934dd36fa2827eb13d73053d538ebf3944388d21c7e1
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
bac7243051a702289aacfeb92111a3d2683ef504ad4916baae68e0eb61f49a1e
bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be288a41ffdf2321d64b08c841c0bca688111ccd5391b07d1ed945696d08a143
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ccfee5e52ffcd8114f8f020db2175d6b70c6001fc354addced4f0691b2cf3d15
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d2643453044c8627dd5a97466fcce4e8cefe805cd1fb05187150c7629e0939ce
d4c8ea9766d350cc3b7f100da44dc7d247c2ed83093cf016ae40cad27ca43af9
d5f8abdb31f82b34a29f24f096718328b7a2339a8968472a9458c949d2e81695
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d8469ad6e03ba1a6c2c9fee151001c818233baff45efada0b93f6d864c21dbb3
d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9
da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd55038ce7e52ae5bc5793164c1fb0c82e3f0e2440329f6be3640dad81473356
dfbfabb2c803e0b3a45ae00f1b7df4aeefe5a9edf1bf80ad9d1dfa463bed3040
e08850bb386b512144dda1270bbe145096f895a31c038807ba5e4812d88117af
e14330bf22e4bb1192f29369dad8c6916e6fc5f3aec220f862456a105b0c552f
e1e778e15bf75d50527c49a9efc6469f6ddbedbc43428c6d809a453504a396a0
e2e24bba7214b140e312e089c80452a978a14cb198a2dbb82dd2c20fbf6fcfe4
e3081f8324018aabea6799ce710d1dd62989fe1fb95ebe8e3ea76906c8e9ee35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e711aacb5fdf99673f75dba5376d1e21edd31b36df1d916ffe9221701421775a
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee12e41b862f305fabc249aaaea68c41613dac9685ee4cdcdb79280b49c96ae8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6072019ba53a652c426b2621fb6e94a4cbc3fba6f5c0a7106a1960156e2e83f
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.malcare.com Open in urlscan Pro 64.227.7.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

175 Requests

96 %HTTPS

55 %IPv6

24 Domains

29 Subdomains

29 IPs

4 Countries

1824 kBTransfer

5951 kBSize

17 Cookies

18 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.malcare.com Open in urlscan Pro
64.227.7.169 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

96 %
HTTPS

55 %
IPv6

24
Domains

29
Subdomains

29
IPs

4
Countries

1824 kB
Transfer

5951 kB
Size

17
Cookies

175 HTTP transactions
4 data transactions