shellshock.qwilr.com Open in urlscan Pro
2600:9000:2057:4400:6:a3a2:8fc0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url9254.weareshellshock.com/ls/click?upn=Mn0BFARFFqdGutN8QKOPjB44msUFHVTX-2FEdMQAeUhmFTZD9-2FFX0ao32S6GZAlFODq1rxa2YtH-2BBQd...
Effective URL:
https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Submission: On September 13 via api (September 13th 2021, 12:08:14 pm UTC) from US — Scanned from DE

Summary HTTP 162 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 29 domains to perform 162 HTTP transactions. The main IP is 2600:9000:2057:4400:6:a3a2:8fc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is shellshock.qwilr.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 2nd 2020. Valid for: 2 years.

This is the only time shellshock.qwilr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
15	2600:9000:205... 2600:9000:2057:4400:6:a3a2:8fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
3	13.225.78.91 13.225.78.91	16509 (AMAZON-02) (AMAZON-02)
7	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
3	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
62	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
19	52.222.214.65 52.222.214.65	16509 (AMAZON-02) (AMAZON-02)
5	3.105.131.214 3.105.131.214	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	13.32.22.41 13.32.22.41	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.6 52.222.206.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:fb:... 2a02:26f0:fb:5b5::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.98.64 13.32.98.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.193.121 13.224.193.121	16509 (AMAZON-02) (AMAZON-02)
2	34.238.181.251 34.238.181.251	14618 (AMAZON-AES) (AMAZON-AES)
1	35.81.185.185 35.81.185.185	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	() ()
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:ac00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.75.159.38 54.75.159.38	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
1	52.36.204.98 52.36.204.98	16509 (AMAZON-02) (AMAZON-02)
162	33

1 167.89.118.52 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

url9254.weareshellshock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2057:4400:6:a3a2:8fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

shellshock.qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-91.fra2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

qwilr.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.222.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-65.fra56.r.cloudfront.net

analytics.hx-qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.105.131.214 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

api.qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o11981.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-41.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:5b5::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-98-64.fra60.r.cloudfront.net

scripts.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.238.181.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-181-251.compute-1.amazonaws.com

trk.kissmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.185.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-185-185.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ac00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.159.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.204.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-204-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	729 KB
20	qwilr.com shellshock.qwilr.com api.qwilr.com	763 KB
19	hx-qwilr.com analytics.hx-qwilr.com	5 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
4	gstatic.com fonts.gstatic.com	58 KB
4	unsplash.com images.unsplash.com	371 KB
4	stripe.com js.stripe.com m.stripe.com	69 KB
3	google.de www.google.de	784 B
3	google.com www.google.com	784 B
3	google-analytics.com www.google-analytics.com	20 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	googleadservices.com www.googleadservices.com	45 KB
3	imgix.net qwilr.imgix.net	149 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	stripe.network m.stripe.network	20 KB
2	kissmetrics.io trk.kissmetrics.io	752 B
2	facebook.net connect.facebook.net	114 KB
2	amplitude.com cdn.amplitude.com api.amplitude.com	18 KB
1	hotjar.io vc.hotjar.io	256 B
1	googletagmanager.com www.googletagmanager.com	41 KB
1	kissmetrics.com scripts.kissmetrics.com	12 KB
1	licdn.com snap.licdn.com	2 KB
1	sentry.io o11981.ingest.sentry.io sentry.io Failed	289 B
1	segment.com cdn.segment.com	84 KB
1	wistia.net fast.wistia.net	115 KB
1	weareshellshock.com 1 redirects url9254.weareshellshock.com	322 B
0	drift.com Failed metrics.api.drift.com Failed bootstrap.api.drift.com Failed
0	adroll.com Failed s.adroll.com Failed
162	29

	Domain	Requested by
62	js.driftt.com	shellshock.qwilr.com js.driftt.com
19	analytics.hx-qwilr.com	shellshock.qwilr.com
15	shellshock.qwilr.com	shellshock.qwilr.com
5	api.qwilr.com	shellshock.qwilr.com
4	fonts.gstatic.com	fonts.googleapis.com
4	images.unsplash.com	shellshock.qwilr.com
3	www.google.de	shellshock.qwilr.com
3	www.google.com	shellshock.qwilr.com
3	www.google-analytics.com	shellshock.qwilr.com
3	www.googleadservices.com	shellshock.qwilr.com cdn.segment.com www.googletagmanager.com
3	qwilr.imgix.net	shellshock.qwilr.com
3	js.stripe.com	shellshock.qwilr.com js.stripe.com
3	fonts.googleapis.com	shellshock.qwilr.com js.driftt.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	px.ads.linkedin.com	2 redirects
2	trk.kissmetrics.io	scripts.kissmetrics.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
1	m.stripe.com	m.stripe.network
1	vc.hotjar.io	shellshock.qwilr.com
1	in.hotjar.com	shellshock.qwilr.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	shellshock.qwilr.com
1	www.linkedin.com	1 redirects
1	api.amplitude.com	shellshock.qwilr.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	shellshock.qwilr.com
1	www.googletagmanager.com	cdn.segment.com
1	scripts.kissmetrics.com	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	cdn.amplitude.com	cdn.segment.com
1	static.hotjar.com	cdn.segment.com
1	o11981.ingest.sentry.io	shellshock.qwilr.com
1	cdn.segment.com	shellshock.qwilr.com
1	fast.wistia.net	shellshock.qwilr.com
1	url9254.weareshellshock.com	1 redirects
0	bootstrap.api.drift.com Failed	js.driftt.com
0	metrics.api.drift.com Failed	js.driftt.com
0	sentry.io Failed	js.driftt.com
0	s.adroll.com Failed	shellshock.qwilr.com
162	40

This site contains links to these domains. Also see Links.

Domain
www.weareshellshock.com
www.linkedin.com
mark
urchin.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.qwilr.com GeoTrust RSA CA 2018	`2020-06-02` - `2022-06-02`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.camp-fire.jp GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-20` - `2022-06-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
analytics.hx-qwilr.com Amazon	`2021-01-21` - `2022-02-18`	a year	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.kissmetrics.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh

This page contains 6 frames:

Primary Page: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Frame ID: 4DF573698174D5915395FB81034F1821
Requests: 76 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: AA9A36EC15D58BA8A36905EBE0D0F611
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 5929C8A91952E3220316459583853E17
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8CDD525E73353227101DF86E10E010BA
Requests: 3 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
Frame ID: AA68FB1614D6CFBDCD76B5762D301872
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
Frame ID: EEC4E71EA41263E78DCED04742A7457F
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shellshock One-Sheet

Page URL History Show full URLs

http://url9254.weareshellshock.com/ls/click?upn=Mn0BFARFFqdGutN8QKOPjB44msUFHVTX-2FEdMQAeUhmFTZD9-2FFX0ao32S6GZ... HTTP 302
https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_cam... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

162
Requests

95 %
HTTPS

46 %
IPv6

29
Domains

40
Subdomains

33
IPs

5
Countries

2687 kB
Transfer

10018 kB
Size

26
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.weareshellshock.com/
Title: www.weareshellshock.com

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/frichards/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://mark%20began%20his%20career%20as%20a%20web%20designer%20at%20one%20pica%20inc.%20in%202011%20and%20then%20eventually%20worked%20his%20way%20up%20to%20creative%20director%20role%20overseeing%20the%20user%20experience%20and%20user%20design%20of%20online%20websites%20for%20companies%20such%20as%203m%2C%20mit%2C%20berklee%20college%20of%20music%2C%20and%20griffin.%20mark%20then%20went%20on%20to%20found%20shellshock%20which%20he%20built%20%26%20oversaw%20until%20it%20was%20acquired%20by%20cbdi%20in%20november%20of%202020.%20mark%20holds%20a%20bachelor%27s%20degree%20in%20computer%20science%20from%20the%20new%20england%20institute%20of%20art%20with%20a%20minor%20in%20graphic%20design/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://urchin.com/
Title: urchin.com

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/gazelleinteractive/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/oligee/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/aj-pigliacelli-78797728/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/bmi-of-texas/
Title: BMI of Texas

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/we-are-memphis/
Title: We Are Memphis

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/ready-robotics/
Title: Ready Robotics

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/midnight-boats/
Title: Midnight Express Boats

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/cbd-unlimited/
Title: CBD Unlimited

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/unanet/
Title: Unanet

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/best-in-show/
Title: Potter League

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/nutre/
Title: Go Nutre

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/magento/
Title: Magento

Search URL Search Domain Scan URL

URL: https://www.weareshellshock.com/case-studies/pbs/
Title: PBS

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Shellshock%20One-Sheet&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dqwilr%26utm_medium%3Dqwilr-social-sharing-buttons%26utm_campaign%3Dtwitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dqwilr%26utm_medium%3Dqwilr-social-sharing-buttons%26utm_campaign%3D&title=Shellshock%20One-Sheetlinkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dqwilr%26utm_medium%3Dqwilr-social-sharing-buttons%26utm_campaign%3Dfacebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url9254.weareshellshock.com/ls/click?upn=Mn0BFARFFqdGutN8QKOPjB44msUFHVTX-2FEdMQAeUhmFTZD9-2FFX0ao32S6GZAlFODq1rxa2YtH-2BBQdoLUz-2B-2BCBPa3ZpnnGYKfN-2BQ7mKy1E2BQm6Q-2B7aJkTSvuXO3ZieyjBWps1dW8EjDKW2Rt8Sb2a7cLx8aJ6uR7XTdF7h2R5mM-3DnKbN_arMtbJFDoVSLIyX3DVqz9cqD0fMCiISEO2s9Zp50X3wGfzPnwxO6Ie1n4laZYGPZtMCuuvh7ZxSB1VKUSl4yBcHV1eSePCB9kQs6MetYSWLoYcD34-2Bzp9hmJg7sepKu3YrKoaHqkdT097NtNxYdFORUG98CgsR74LeWJqZwOK0RqTrunoJ3MuHmhN3T8gKgSfpTP-2F0tzyGRoGvOXnpuFSdV6Nho19-2FZw-2Bul0ByY3MOnTXY33SnbLTZC1iMvpISzXpu4LYhCMGn2int8ZAv1wGJHnfvGmZ04P8uTdBui6epv5IxDV3jmcvrkecBoM7gZvO-2BD348MrLHVT52eIVHKPIInkNEM-2FVKeRDHFBgifnarIO0pXU9ZAPatVjVk-2BaLWKRqMAY9dVSKzEsK74ig3mLCayj2vK-2FgX4xGOf2kVj7k0vVRAbYyK5tSU7dSsNrRd3C HTTP 302
https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26time%3D1631534876201%26url%3Dhttps%253A%252F%252Fshellshock.qwilr.com%252FShellshock-One-Sheet-qtEei0FCTc6X%253Futm_source%253Dapollo%2526utm_medium%253Demail%2526utm_campaign%253Dwebsite%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&liSync=true&e_ipv6=AQLDf1RIVI5rRAAAAXvfDrDXDQlHmLw-uRB0-bGr2-al4HWLDN2GxrtKigQSCHDE0Hk0e3E

162 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Shellshock-One-Sheet-qtEei0FCTc6X Show response
shellshock.qwilr.com/
Redirect Chain

http://url9254.weareshellshock.com/ls/click?upn=Mn0BFARFFqdGutN8QKOPjB44msUFHVTX-2FEdMQAeUhmFTZD9-2FFX0ao32S6GZAlFODq1rxa2YtH-2BBQdoLUz-2B-2BCBPa3ZpnnGYKfN-2BQ7mKy1E2BQm6Q-2B7aJkTSvuXO3ZieyjBWps1dW...
https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

458 KB
50 KB

6336ms
1258ms

Document
text/html

2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

a2d15a03d312cd03a914ecedd0b081e36b3cbea3df38ca0636b52996d50badad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: shellshock.qwilr.com
:scheme: https
:path: /Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Mon, 13 Sep 2021 12:07:40 GMT
server: nginx
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
access-control-allow-credentials: true
x-powered-by: cloud66
content-encoding: gzip
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YYj4Bx14LjKJFWG2-EpqlVbI5f6dAZDFfs8ydnSRAKnwdHSVjbKjUw==

Redirect headers

Server: nginx
Date: Mon, 13 Sep 2021 12:07:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 149
Connection: keep-alive
Location: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
X-Robots-Tag: noindex, nofollow

GET
H2 200 styles-PublicLoader-c2cb926300692fa124ad.css
shellshock.qwilr.com/Public/Assets/ 75 KB
5 KB 8ms
7ms Stylesheet
text/css 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/styles-PublicLoader-c2cb926300692fa124ad.css
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd8c7e0c683adc1426ae0a095ed20a68064d8c7028d6997ec95460165a403419

Request headers

:path: /Public/Assets/styles-PublicLoader-c2cb926300692fa124ad.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 17:29:09 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 04:35:47 GMT
server: AmazonS3
age: 6460712
etag: "96e4d2e8517229a237cf6a0a62740f5b"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4963
x-amz-cf-id: 5nJj9VyvzFGu1z4uqYMYPiMiljIscn3_UUST_DYAc4ykJ96oZrkEBw==

GET
H2 200 css
fonts.googleapis.com/ 362 B
777 B 5119ms
44ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Damion

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 11:09:26 GMT
server: ESF
date: Mon, 13 Sep 2021 12:07:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 12:07:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
836 B 5120ms
44ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,400italic&subset=latin,latin-ext

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4247a80d875018599341cc3986078108328e639a8b465bcdac4760f7c67c671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 12:07:45 GMT
server: ESF
date: Mon, 13 Sep 2021 12:07:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 12:07:45 GMT

GET
H2 200 vendors-IdentityProtected-PDFLoader-Public-1607c595fb66022b0e57.js Show response
shellshock.qwilr.com/Public/Assets/ 508 KB
134 KB 35ms
34ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-PDFLoader-Public-1607c595fb66022b0e57.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 133ae1f7e8c7fb9af68a03174a4e9542c931bf77a62f8e4c5b613fa5d37a20dd

Request headers

:path: /Public/Assets/vendors-IdentityProtected-PDFLoader-Public-1607c595fb66022b0e57.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:18 GMT
server: AmazonS3
age: 472616
etag: "ef001871fa66e8b00b14dd8803c02294"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 136527
x-amz-cf-id: -ssZKch-VGMiKR1i-BBOfDZpYWSfJprSOXwfzR5qnNAvopb8ZRchBA==

GET
H2 200 vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js Show response
shellshock.qwilr.com/Public/Assets/ 710 KB
119 KB 12ms
10ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 956624a0be6974a0bac30ce7e56591a51d232df2e7d307f8d338ffc80de45f08

Request headers

:path: /Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:06 GMT
server: AmazonS3
age: 472616
etag: "14051d41e6cf995493ee8ec9816ec3df"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 121692
x-amz-cf-id: 68e5WAYx5y-4PXhla0i10YF--lxZf8hgizTzHIj_VVymQ3u8m0ltlw==

GET
H2 200 vendors-Public-9996f7abde2bf2b94787.js Show response
shellshock.qwilr.com/Public/Assets/ 1 MB
217 KB 24ms
23ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/vendors-Public-9996f7abde2bf2b94787.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 161de0f32cb3c4cb3091b0be7c47c4cb5f87f856705e75e680ff9ccf98cce9a7

Request headers

:path: /Public/Assets/vendors-Public-9996f7abde2bf2b94787.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:10 GMT
server: AmazonS3
age: 472616
etag: "4ecc0c9e8d120c2a391ec41b5ae87436"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 221627
x-amz-cf-id: Bc4BxBVVfJ9A0wDbzj1pz06MqEimLMs-3R9WzFreN5w-jkB7B71hvA==

GET
H2 200 default-IdentityProtected-PDFLoader-Public-342de6e3d89f51116b69.js Show response
shellshock.qwilr.com/Public/Assets/ 22 KB
4 KB 31ms
30ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/default-IdentityProtected-PDFLoader-Public-342de6e3d89f51116b69.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0018f092741780ce8bc1f5fb9825eac163270f9daa468a46c5b1ab9d5c17956

Request headers

:path: /Public/Assets/default-IdentityProtected-PDFLoader-Public-342de6e3d89f51116b69.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:09 GMT
server: AmazonS3
age: 472616
etag: "5696a99d0088d1f6f2100e955aa4c13f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4009
x-amz-cf-id: 2KGSKVZPSk1XRnF5lShTZXa_js79J-MGBbB34XWdB20IBTQpx6O_pA==

GET
H2 200 default-IdentityProtected-Public-949498cdd42ef778422e.js Show response
shellshock.qwilr.com/Public/Assets/ 20 KB
5 KB 31ms
30ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/default-IdentityProtected-Public-949498cdd42ef778422e.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d02e0563e74ff7753d68427f91745617b6cfdbd4824c94103bea06ba3b2522

Request headers

:path: /Public/Assets/default-IdentityProtected-Public-949498cdd42ef778422e.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:12 GMT
server: AmazonS3
age: 472616
etag: "42117786957db5672423207b069165da"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4603
x-amz-cf-id: x24LGjB-S8kqdoAcUKdvmwRAYIMULWzWeWBjGU2gN2OTdYS9x6GlBg==

GET
H2 200 app-Public-9874a7ce441e8cc14518.js Show response
shellshock.qwilr.com/Public/Assets/ 1005 KB
130 KB 32ms
31ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/app-Public-9874a7ce441e8cc14518.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257eaca77e4e9676c6a7ec8bf01e55945dc816ac7841862bf63ea99cbb831c7f

Request headers

:path: /Public/Assets/app-Public-9874a7ce441e8cc14518.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 00:50:45 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 00:03:03 GMT
server: AmazonS3
age: 472616
etag: "4d5f6d551e7179d09a7ae06aac0295f1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 132918
x-amz-cf-id: WUzCd8rsg2XeE5uMUMjRbXr47EyQOhOZTpeOrP-fDB9WUNLjxxTyzg==

GET
H2 200 app-PublicLoader-245973c7475f6faf5db7.js Show response
shellshock.qwilr.com/Public/Assets/ 2 KB
921 B 36ms
36ms Script
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/app-PublicLoader-245973c7475f6faf5db7.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbfc043260cc75d64f206ce1a36b5e0f079c9c9b0cefc1755703d562a5ce1798

Request headers

:path: /Public/Assets/app-PublicLoader-245973c7475f6faf5db7.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 04:43:22 GMT
content-encoding: br
last-modified: Tue, 07 Sep 2021 04:35:25 GMT
server: AmazonS3
age: 545058
etag: "bf6fccd8c472422a557181626062e7a3"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 541
x-amz-cf-id: SUePc6nZpL-xilcudaKYJgaUPvguT8VoMrQqoXYgCVs9poPZBCnEwQ==

GET
H2 200 / Show response
js.stripe.com/v3/ 248 KB
67 KB 10075ms
21ms Script
application/javascript 13.225.78.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-91.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:06:26 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 86
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: CTCTVW10M02SR4TA
x-amz-id-2: c3D9hvFwJo35iQMmSw73/WoKjFyDM90+i6Gqs9C3o0lXyTpbGl+OBDAffSW0d4qNVj4w9lap3CE=
last-modified: Fri, 10 Sep 2021 19:24:03 GMT
server: AmazonS3
etag: W/"ff869cfad3b8b35353735d6844c726a1"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 5WezmYUZBxD_7_T8qjj9nrK-E7v3KRaI2Zq5bH0UB3_QQCcMKB1SGA==

GET
H2 200 styles-93b86facdcc85b602c61.css
shellshock.qwilr.com/Public/Assets/ 730 KB
49 KB 8ms
7ms Stylesheet
text/css 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shellshock.qwilr.com/Public/Assets/styles-93b86facdcc85b602c61.css
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16accd5e5bee7caede4ee6a16f9c0bf4217d1fa66029a015780cff2102260dc5

Request headers

:path: /Public/Assets/styles-93b86facdcc85b602c61.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 01:27:44 GMT
content-encoding: br
last-modified: Mon, 13 Sep 2021 00:18:42 GMT
server: AmazonS3
age: 38398
etag: "ccb0274f1052789353827cea11504674"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 49555
x-amz-cf-id: EZ1yLpF4NwCwD8Kxv748VzWFTxqGpZxyudkpkDqIYiDae6401LeTAw==

GET
H2 200 5NM-93QKBOOMurWbLjpLShDH5Y10mcJ3yxPI1Q.png
qwilr.imgix.net/ 7 KB
7 KB 5054ms
25ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwilr.imgix.net/5NM-93QKBOOMurWbLjpLShDH5Y10mcJ3yxPI1Q.png?auto=format&fit=max&w=2550

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

060a5700aadeaadf3f42ee252f109e67e9182d2d9bce2cb28c34baf6ecb76ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 14:03:35 GMT
server: imgix
age: 338652
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 44fa742d23f426bd3e16a68a2774ac03aca32d3e
accept-ranges: bytes
content-length: 6852
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10030-SJC, cache-fra19152-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 5153ms
74ms Script
text/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

26fe64786c8b2e621e1a94a8643577cd7e3eb887b41f532e6fd61694c74f8d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17347
x-xss-protection: 0
server: cafe
etag: 7462534195738372373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 12:07:46 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 611 KB
115 KB 5033ms
6ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5fe6fb5f161634a0e8d1f76a22b52a7cac1320794e04a772d4983f677433332

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2486
x-cache: HIT, HIT
content-length: 117777
x-served-by: cache-dca17783-DCA, cache-fra19164-FRA
access-control-allow-origin: *
x-browser-version: 92
last-modified: Thu, 09 Sep 2021 18:06:57 GMT
x-timer: S1631534867.681023,VS0,VE0
etag: "613a4d41-1cc11"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 107

GET
H2 200 uFYzUbOdMkJzeO4N4cUTjaFbzODwBii_05IV6g.png
qwilr.imgix.net/ 44 KB
45 KB 750ms
8ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwilr.imgix.net/uFYzUbOdMkJzeO4N4cUTjaFbzODwBii_05IV6g.png?auto=format

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

97d02b3a5bb5cf6fc24b2a015a2a19d813d3a3114afc140dbf1a8038b8212c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:46 GMT
x-content-type-options: nosniff
age: 2330474
x-ixtest-painter-type: mac
x-imgix-id: 33387c2c63694090fd9e82aadefc85ef5244ed8a
x-cache: HIT, HIT
content-length: 45300
x-served-by: cache-sjc10039-SJC, cache-fra19152-FRA
last-modified: Tue, 17 Aug 2021 12:46:31 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 photo-1546640646-89b557854b23
images.unsplash.com/ 111 KB
112 KB 5072ms
30ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1546640646-89b557854b23?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMDE5OXwwfDF8c2VhcmNofDZ8fG5lb258ZW58MHx8fHwxNjI3NDEzODk0&ixlib=rb-1.2.1&q=80&w=1080

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

969ae5a33dca786a0d676818f5e0dcf37c14c38a17a17655525388f76b85e101

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:50 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Wed, 08 Sep 2021 15:48:25 GMT
server: imgix
age: 418765
x-cache: MISS, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: edfb85d355912af5677a3bbe3764f25a161ea791
accept-ranges: bytes
content-length: 114077
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-sjc10048-SJC, cache-fra19164-FRA

GET
H2 200 MuxXG0RqHKC-jMFwjA4HW-xc6II-mm70pYtjtg.png
qwilr.imgix.net/ 98 KB
98 KB 757ms
16ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwilr.imgix.net/MuxXG0RqHKC-jMFwjA4HW-xc6II-mm70pYtjtg.png?auto=format

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

eb719e715e3bdbb905bef38bcd9c46b6dad1ed2ecc230b045b73f7c24716fa4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 20:52:36 GMT
server: imgix
age: 314110
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 63bd42e2c7acb8dd62ee0735a6d5bc941c6a3eb7
accept-ranges: bytes
content-length: 100050
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10060-SJC, cache-fra19152-FRA

GET
H2 200 photo-1488554378835-f7acf46e6c98
images.unsplash.com/ 114 KB
114 KB 5049ms
7ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1488554378835-f7acf46e6c98?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMDE5OXwwfDF8c2VhcmNofDExfHxuZW9ufGVufDB8fHx8MTYyNzQxMzg5NQ&ixlib=rb-1.2.1&q=80&w=1080

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8f7f695b09f97fead669fffee47ae65904c63411662180fb971a75d3ef304b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:50 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Sun, 22 Aug 2021 15:59:13 GMT
server: imgix
age: 1886956
x-cache: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 1f0eff66496306b35eda74a4e1f16e9e5d5e45d6
accept-ranges: bytes
content-length: 116501
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10041-SJC, cache-sjc10044-SJC, cache-fra19164-FRA

GET
H2 200 photo-1546458652-66d283f55a7e
images.unsplash.com/ 64 KB
64 KB 5065ms
24ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1546458652-66d283f55a7e?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMDE5OXwwfDF8c2VhcmNofDMxfHxOZW9ufGVufDB8fHx8MTYyNzQyMTEyMQ&ixlib=rb-1.2.1&q=80&w=1080

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6ddd9c1c68e34ac49bf369e33ec4c2a86ea2ed836ad01e83b636d43c298f181c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Sep 2021 03:24:04 GMT
server: imgix
age: 463426
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 43ac0fe43dcca5273b168edb43b957ce7cc7372b
accept-ranges: bytes
content-length: 65787
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10050-SJC, cache-fra19164-FRA

GET
H2 200 photo-1566055909643-a51b4271aa47
images.unsplash.com/ 80 KB
80 KB 5068ms
27ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1566055909643-a51b4271aa47?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMDE5OXwwfDF8c2VhcmNofDE2fHxuZW9ufGVufDB8fHx8MTYyNzQxMzg5NQ&ixlib=rb-1.2.1&q=80&w=1080

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5f982832f9e592181d924441e1f02a9bc8cbd4f089696e2bf9d23d9289ea395d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Aug 2021 10:02:25 GMT
server: imgix
age: 3463526
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: ca24c71b4f3c60be4ca916824580da3a373ee3ba
accept-ranges: bytes
content-length: 82114
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-fra19164-FRA

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5053ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,400italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.qwilr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 19:57:15 GMT
x-content-type-options: nosniff
age: 576635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 19:57:15 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5042ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,400italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.qwilr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 274040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 08:00:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 5048ms
13ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,400italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.qwilr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:18:31 GMT
x-content-type-options: nosniff
age: 78559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:18:31 GMT

GET
H2 200 bullet.woff
shellshock.qwilr.com/Assets/fonts/bullet/ 1 KB
2 KB 7ms
7ms Font
font/woff 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Assets/fonts/bullet/bullet.woff

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/styles-93b86facdcc85b602c61.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

afc960c1b1194eb1128c49882776859655504dd2e4f333ab3e0ee5dd19ae7cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /Assets/fonts/bullet/bullet.woff
pragma: no-cache
origin: https://shellshock.qwilr.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Public/Assets/styles-93b86facdcc85b602c61.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shellshock.qwilr.com/Public/Assets/styles-93b86facdcc85b602c61.css
Origin: https://shellshock.qwilr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 18:21:53 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 63952
x-powered-by: cloud66
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 1472
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:29:24 GMT
server: nginx
etag: W/"5c0-17bcdc0b620"
expect-ct: max-age=0
x-download-options: noopen
content-type: font/woff
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: Ir88d2nAkZvUvKXkzTHW6e5Iv0gmIxG4aqZ2pbtZPhe4c5ll9r--zg==

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v23/ 13 KB
14 KB 5049ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,400italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shellshock.qwilr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:27:55 GMT
x-content-type-options: nosniff
age: 77995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:27:55 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/ 416 KB
84 KB 5040ms
10ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c36727eab6467d5dd50854a57f423043bb526af8043810cfa676e7e901938864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tk5FL.dIjP6WfRwiDKWzFNqpjCHuAoJL
content-encoding: gzip
etag: W/"33d0d3261305dd75c158c23f3ec5c8cd"
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sat, 11 Sep 2021 04:57:39 GMT
server: AmazonS3
date: Mon, 13 Sep 2021 12:07:51 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: dW56zeIOsfwHWI0ksMmkXiIRQx_m-EfmEc3w4XLajI_YiXAkBW2x5A==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/ 2 KB
2 KB 5131ms
56ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1631534866879&cv=9&fst=1631534866879&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51e3fc1aedbd5112b9de3894a5f72c2ba996877d3a10d40a1831d80898ec349e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hufwzswdze4i.js Show response
js.driftt.com/include/1631535000000/ 214 KB
61 KB 5159ms
130ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1631535000000/hufwzswdze4i.js

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c4f57d46aed962a8907d1af9388d0e4244933b4e0e65a83d72e057f9028cb4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: vgJ23iNlx9REbr_UBjz6ysdtmMGc59Cw
content-encoding: gzip
etag: W/"616274611dd32802d586ccd57be6eb33"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 18:32:29 GMT
server: nginx
date: Mon, 13 Sep 2021 12:07:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r5pAbIFH2eHEAZuRmrNT-sbOSFY8TYdnJJGaa9EfHPqDd9OQzUrRsw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 5041ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4551
date: Mon, 13 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 12:52:00 GMT

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 5907ms
865ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:07:52 GMT
x-amzn-requestid: b24299e4-541c-46d2-9890-63b5358794ce
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbL6GIpywMF1cg=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: t6DMe_reL30j40LN3NqqaJS8-BwZlF3iBiO81GeKCTmRMSbBBQUs9g==

GET
H2 200 boomerang-1.0.0.min.js Show response
shellshock.qwilr.com/Assets/scripts/ 144 KB
42 KB 8ms
8ms XHR
application/javascript 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Assets/scripts/boomerang-1.0.0.min.js?_=1631534866928

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

97a53d662bfb1069fa5fc27b400a2ea4d78c5e81dc411a6f90e955de8808b0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /Assets/scripts/boomerang-1.0.0.min.js?_=1631534866928
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: shellshock.qwilr.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 18:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 63953
x-powered-by: cloud66
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:29:24 GMT
server: nginx
etag: W/"240eb-17bcdc0b620"
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AEyvQ_5z-W1fuB3rtLbloNLbtIvOSHr-fmbPsJLrtmP_Nnph8kAUYA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
608 B 1415ms
1415ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 0f43deba2a8bb4dfca7da4de119ecdf98c4b6c07ff5ecd6971c826a2c4f54478

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:07:54 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 21cad43d-d9ad-4c99-862f-517247faf84a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f19-260176537bf8d4446efb0952;Sampled=0
x-amz-apigw-id: FmbMDEgeSwMF38A=
content-length: 240
x-amz-cf-id: Uxw_AfCVSvodoDhJASBlKNAnsolr2Dl3khB07uCgjmZuFMZ6hnvSLw==

GET
H2 200 Twitter.svg Show response
shellshock.qwilr.com/Assets/icons/social/ 1 KB
1 KB 8ms
8ms XHR
image/svg+xml 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Assets/icons/social/Twitter.svg

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

72bf9a0c3112d057cb3045a7fce3a5da70ad89fb1773abc0e43b28b454ff95fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /Assets/icons/social/Twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
sentry-trace: d7a349f2c78d4f51879905828b81137c-83f5daaca7dcb074-1
:method: GET
Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sentry-trace: d7a349f2c78d4f51879905828b81137c-83f5daaca7dcb074-1

Response headers

date: Sun, 12 Sep 2021 18:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 63953
x-powered-by: cloud66
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:29:24 GMT
server: nginx
etag: W/"41d-17bcdc0b620"
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: image/svg+xml
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 7j75EefkUg-uYlJ0BoSLrJyFAi7GBps7bjf9o0KqKUvg6c29HhU8lA==

GET
H2 200 Linkedin.svg Show response
shellshock.qwilr.com/Assets/icons/social/ 959 B
1 KB 8ms
8ms XHR
image/svg+xml 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Assets/icons/social/Linkedin.svg

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

5f844485ba9b6da518ef7bbba1a08536320174898d18db7dbdc0dea4e0ed4f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /Assets/icons/social/Linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
sentry-trace: d7a349f2c78d4f51879905828b81137c-aebdba436aa6d1db-1
:method: GET
Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sentry-trace: d7a349f2c78d4f51879905828b81137c-aebdba436aa6d1db-1

Response headers

date: Sun, 12 Sep 2021 18:21:54 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 63953
x-powered-by: cloud66
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 959
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:29:24 GMT
server: nginx
etag: W/"3bf-17bcdc0b620"
expect-ct: max-age=0
x-download-options: noopen
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: Ht_KLxsslLKGB3_2on5agUOobs20lo1OX42Dugjmr37Ihn7ZbO0WIw==

GET
H2 200 Facebook.svg Show response
shellshock.qwilr.com/Assets/icons/social/ 904 B
1 KB 8ms
8ms XHR
image/svg+xml 2600:9000:2057:4400:6:a3a2:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shellshock.qwilr.com/Assets/icons/social/Facebook.svg

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4400:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

ecade4e62b7c8918b0fe4eeb7674f870b298fc0136f8943b2432fcd7e3f669a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /Assets/icons/social/Facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shellshock.qwilr.com
referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
:scheme: https
sec-fetch-site: same-origin
sentry-trace: d7a349f2c78d4f51879905828b81137c-915c1440d93c72db-1
:method: GET
Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sentry-trace: d7a349f2c78d4f51879905828b81137c-915c1440d93c72db-1

Response headers

date: Sun, 12 Sep 2021 18:21:54 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 63953
x-powered-by: cloud66
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 904
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:29:24 GMT
server: nginx
etag: W/"388-17bcdc0b620"
expect-ct: max-age=0
x-download-options: noopen
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: AQ7YyYaNLfaituGfWJ47Zfqxegk0XhqxG6cz8SGaWntBOXhWCcYtzQ==

OPTIONS
H2 204 qtEei0FCTc6X
api.qwilr.com/web-api/boomerang/ Frame 0
0 6048ms
275ms Preflight 3.105.131.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/boomerang/qtEei0FCTc6X

Protocol

Server

3.105.131.214 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Sep 2021 12:07:53 GMT
server: nginx
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
access-control-allow-origin: https://shellshock.qwilr.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: Accept,Content-Type,Origin,X-XSRF-TOKEN,X-Requested-With
x-powered-by: cloud66

POST
H2 200 qtEei0FCTc6X Show response
api.qwilr.com/web-api/boomerang/ 2 B
381 B 337ms
337ms XHR
text/plain 3.105.131.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/boomerang/qtEei0FCTc6X

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.131.214 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:07:53 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: cloud66
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=0
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://shellshock.qwilr.com
x-permitted-cross-domain-policies: none
access-control-allow-credentials: true
x-dns-prefetch-control: off
vary: X-HTTP-Method-Override, Origin
content-length: 2
x-xss-protection: 0

POST
H2 200 / Show response
o11981.ingest.sentry.io/api/5792471/envelope/ 41 B
289 B 5108ms
13ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o11981.ingest.sentry.io/api/5792471/envelope/?sentry_key=4c121e229b894612824f2a7f93acbad4&sentry_version=7

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

980478fd3e0038c7bc424c5d7718b6eaf955b9ad894e8fbe98202713083ae69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 12:07:53 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://shellshock.qwilr.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

GET
H2 200 hotjar-218686.js Show response
static.hotjar.com/c/ 4 KB
2 KB 5070ms
10ms Script
application/javascript 13.32.22.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-218686.js?sv=6

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-41.fra56.r.cloudfront.net

Software

Resource Hash

7dc0ab0e4b48c9ef58cdd70f865e0c16a9370e37b27432dd968ebe2cdd0b9327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 57
etag: W/9b8acd8039e0667fb20a4a3f80d1edfa
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C2
content-length: 1963
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
x-amz-cf-id: bWlck6su6wNcG-bYbeS0umW7Nc__raEevs31dYocOyBEBSmHxlva9w==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 75ms
73ms Script
text/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
server: cafe
etag: 8182713160943572198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 12:07:51 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 5066ms
11ms Script
application/javascript 52.222.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 01:09:14 GMT
content-encoding: gzip
age: 19911523
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _sJqd7HTfWROdbxb0Iu1ZIpfwl2QcvMl_Etu6JHYfzE5BGs7N18omg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 5059ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 10hrM2wqm4+WyDYfjjrpkBdWA6YYuwUS3lrHjirUaWgcSp7PGyJVK3lRutw6MttAHPfAi1kJYn/8KtRbTpc1dQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 13 Sep 2021 12:07:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 5068ms
16ms Script
application/x-javascript 2a02:26f0:fb:5b5::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5b5::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 12:07:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=79078
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js Show response
scripts.kissmetrics.com/ 26 KB
12 KB 5066ms
11ms Script
application/x-javascript 13.32.98.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.98.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-98-64.fra60.r.cloudfront.net
Software: nginx/1.6.2 /
Resource Hash: bbd3877879c3c2d802ca1f5360c3b53eb6efcc2ddbb9e51224ab891ee45c643e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 12:11:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 13 Aug 2020 13:15:30 GMT
Server: nginx/1.6.2
Age: 57
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
P3P: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
Cache-Control: max-age=60
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P3
Content-Type: application/x-javascript; charset=utf-8
X-Amz-Cf-Id: 2YMr4s7lwmy3HHxZTNOluil_-JaglkLTjKt9nmMqFjgFxjX-TizLcw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 5078ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLQKJ7&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ce33f1abdd208a2e6a33bf13729b6e89a5583e029193d94481cfde828f86b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41446
x-xss-protection: 0
expires: Mon, 13 Sep 2021 12:07:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
151 B 14ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1209329596&t=pageview&_s=1&dl=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&ul=en-us&de=UTF-8&dt=Shellshock%20One-Sheet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1137153356&gjid=1649906386&cid=895846310.1631534872&tid=UA-126627371-2&_gid=589414700.1631534872&_r=1&_slc=1&z=2072318158

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shellshock.qwilr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1209329596&t=event&_s=2&dl=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&ul=en-us&de=UTF-8&dt=Shellshock%20One-Sheet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Project&ea=open&el=6100548c8b2326000628ddc7&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=895846310.1631534872&tid=UA-126627371-2&_gid=589414700.1631534872&z=1061346385

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 22:37:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
467 B 5055ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-126627371-2&cid=895846310.1631534872&jid=1137153356&gjid=1649906386&_gid=589414700.1631534872&_u=IEBAAEAAAAAAAC~&z=1071295548

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Sep 2021 12:07:57 GMT
content-type: text/plain
access-control-allow-origin: https://shellshock.qwilr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957165257/ 42 B
569 B 5051ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957165257/?random=1631534866879&cv=9&fst=1631534400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&fmt=3&is_vtc=1&random=241480660&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957165257/ 42 B
569 B 5064ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957165257/?random=1631534866879&cv=9&fst=1631534400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&fmt=3&is_vtc=1&random=241480660&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qtEei0FCTc6X Show response
api.qwilr.com/web-api/count-visit/ 2 B
364 B 1224ms
391ms XHR
text/plain 3.105.131.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/count-visit/qtEei0FCTc6X?visitToken=

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.131.214 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:53 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: cloud66
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=0
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://shellshock.qwilr.com
x-permitted-cross-domain-policies: none
access-control-allow-credentials: true
x-dns-prefetch-control: off
vary: Origin
content-length: 2
x-xss-protection: 0

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 1250ms
1249ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: de83860522de31659f84f2198fc01e805bff902971ff49c356c1e330cba4b0a4

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:07:54 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: c7e85e31-85af-4db2-9f9c-d1c127fe9415
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f1a-6a4e0c974d982c2826f7b085;Sampled=0
x-amz-apigw-id: FmbMHHTwywMF_og=
content-length: 240
x-amz-cf-id: ngIBhv774GF-op8fhkfIPhAZWNkvj1Av9cuowD01RAUb7uLtOW6hug==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 863ms
863ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:07:52 GMT
x-amzn-requestid: 298e7b8b-a84a-4767-b953-968f4c7532dd
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbL7ECvSwMFhHg=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: svU6gMKrrh_4t9QzQI4cC_YwGM1FNCoYyfoY1NG0Mzw3xP0HrScxaQ==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
608 B 1250ms
1249ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: b227f0d063a3ad248f48f4e01e713989d85d88760ba5c034956f7ee040519c00

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:07:54 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 0ceb8309-1676-4b24-8964-9cc67b388ce4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f1a-46358a65632edc355e9cff4f;Sampled=0
x-amz-apigw-id: FmbMMGy9SwMF03Q=
content-length: 240
x-amz-cf-id: -vKP0ZrleH8pOvdqOE2-K0LYGRU0pWC1LADDbEQ1tOpbwFH-tycMQg==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 877ms
877ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:07:53 GMT
x-amzn-requestid: 6c6345e6-e78f-41f7-93d1-ff3d48d9baee
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbMBFBMSwMF3ag=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: uuUZrpQ2YRWBYvo6rO4X4e41vx8kPo_GIehUtkXyKQaFfpxfLG2HJA==

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 5038ms
9ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-218686.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 363175
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: j4eheHb9m9ROJjkMYk2Q5pa5G5bCcmXu3EQeMFQKjfR2fM5KyEslyA==

GET
H2 200 1511546975772062 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1511546975772062?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f08a49f9f117949d520b3607b65637b1f8db03059c6b24615fb831d7a3606c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: nsWbQs8EE2SB6xkXz2qv/8H2n22aNBQhnNxDKz5WeNu/GuQk2o8tvcids501whECVg3leGw6+M5EREx4lL/alA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 13 Sep 2021 12:07:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.io/ 43 B
376 B 5402ms
99ms Ping
image/gif 34.238.181.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/e
Requested by: Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.181.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-181-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Sep 2021 12:08:01 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 13 Sep 2021 12:08:00 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.io/ 43 B
376 B 5406ms
101ms Ping
image/gif 34.238.181.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/e
Requested by: Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.181.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-181-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Sep 2021 12:08:01 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 13 Sep 2021 12:08:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 5503ms
168ms XHR
text/html 35.81.185.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.185.185 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-185-185.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Sep 2021 12:08:01 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26u...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26time%3D1631534876201%26url%3Dhttps%253A%252F%252Fshellshock.qwilr.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26u...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26...

0
155 B

5411ms
210ms

Image
application/javascript

108.174.10.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&liSync=true&e_ipv6=AQLDf1RIVI5rRAAAAXvfDrDXDQlHmLw-uRB0-bGr2-al4HWLDN2GxrtKigQSCHDE0Hk0e3E
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 -, , ASN (),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:08:12 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: cFMHKFdgpBaQPMRn5SoAAA==

Redirect headers

date: Mon, 13 Sep 2021 12:08:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1631534876201&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&liSync=true&e_ipv6=AQLDf1RIVI5rRAAAAXvfDrDXDQlHmLw-uRB0-bGr2-al4HWLDN2GxrtKigQSCHDE0Hk0e3E
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 1pq/6FVgpBZA3U8SxyoAAA==

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame AA9A 215 B
951 B 35ms
35ms Document
text/html 13.225.78.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-91.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shellshock.qwilr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: ay5jsEeYCN8RcAW+FwYUFPua0k+16nIu5J9BU9uUET7rPTLAbOrPtWl1vV81u6k/tjK4Zftdo2k=
x-amz-request-id: RTENWWX1V93NB3PE
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Mon, 13 Sep 2021 12:03:12 GMT
cache-control: public, max-age=300
etag: "9475bd26486e6119b23924eebd3d561a"
x-cache: Hit from cloudfront
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: cxfdvOWFoP8fiXTIZEjIT2VXD6Gvwe2PhWuaGq1iti-cV9UqDxSThQ==
age: 285

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 5929 2 KB
1 KB 5039ms
7ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-218686.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shellshock.qwilr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tnw8fILagUo_ttexuqU8hpbvoHk6t3j24r9S4XreIW7mn34ZOPhhbg==
age: 4748576

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 52ms
52ms Script
text/javascript 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLQKJ7&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

cafe /

Resource Hash

88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
server: cafe
etag: 8182713160943572198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 12:07:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/ 2 KB
1 KB 352ms
51ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1631534876607&cv=9&fst=1631534876607&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg910&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf2600aff4ffa2b0c1910078e40fc82f91862b9545e71117bccd91e8af97af9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AA9A 1 KB
1 KB 20ms
20ms Script
application/javascript 13.225.78.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-91.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"01f873d478053c6a0368329ea08f7a10"
age: 191
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: PWH9VJMCPS58EH0R
x-amz-id-2: 3CVxDsSSs14D1X/NneLgfTj5+NICNMkGpJYH3jWrDjyx7GvFPCYTGXpwm++KHfA7rrom630faU8=
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
date: Mon, 13 Sep 2021 12:04:46 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: QVobgy7pKWo3sLSXw3R7tpQ5mjSB4p5TGUjDUZdc_P870TfRAFKAiw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 8CDD 932 B
1 KB 5054ms
6ms Document
text/html 2600:9000:2057:ac00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ac00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Mon, 13 Sep 2021 12:05:21 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: MBXXcN5SusNY4nNcO7W1nVnsg-ZiZqea2M0SApTNweSQghCAJlI0GQ==
age: 160

GET
H2 200 /
www.google.com/pagead/1p-user-list/957165257/ 42 B
108 B 104ms
20ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957165257/?random=1631534876607&cv=9&fst=1631534400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&async=1&fmt=3&is_vtc=1&random=3861773835&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957165257/ 42 B
108 B 116ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957165257/?random=1631534876607&cv=9&fst=1631534400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Fshellshock.qwilr.com%2FShellshock-One-Sheet-qtEei0FCTc6X%3Futm_source%3Dapollo%26utm_medium%3Demail%26utm_campaign%3Dwebsite&tiba=Shellshock%20One-Sheet&async=1&fmt=3&is_vtc=1&random=3861773835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 58ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-126627371-2&cid=895846310.1631534872&jid=1137153356&_u=IEBAAEAAAAAAAC~&z=92664496

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 71ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-126627371-2&cid=895846310.1631534872&jid=1137153356&_u=IEBAAEAAAAAAAC~&z=92664496

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Shellshock-One-Sheet-qtEei0FCTc6X?utm_source=apollo&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
609 B 419ms
419ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 6f50fef278a537c957533d09c7077f92f845b2f0997198e95aa4dd9747adb5eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:07:58 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: bd05b9c2-0365-4a69-a7a2-03dbb5e849af
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f1e-488339fe63e49f4b06316dd1;Sampled=0
x-amz-apigw-id: FmbMyGJ-SwMF7qw=
content-length: 240
x-amz-cf-id: CD0tdqWaP_OIaLpgcjZeSEwvN5joaptPlmVhMbx1RYSh9QBnUt0X_w==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 864ms
864ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:07:58 GMT
x-amzn-requestid: 92ef4509-9be2-40b9-98a2-185efef8d4b0
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbMvFKzSwMFc8A=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: VHnew9F7ZmF98piRWErAdvHO5M1r8yYPGrcUHNFxpsGIVF2XFQSqsQ==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 981ms
980ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 6b16071df75cfbbec5c645c7f4088571eeb6708f2662c71d031b00a6498a86ca

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:00 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 909f2882-8d09-4651-b278-fecc87efd5f7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f20-6d98fc127171e1eb55ba368f;Sampled=0
x-amz-apigw-id: FmbNFHyiywMFTrQ=
content-length: 240
x-amz-cf-id: Trm-qQZgmQIk-F5T91t14H3_SmtzeJ-Uzb21j30FeuMWgtFmscqYpg==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 1158ms
1158ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:07:59 GMT
x-amzn-requestid: 892e2d16-f9b6-486a-8a72-c1f36392f990
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbM9F5hywMFTOA=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 4iiLQtTXa1mmsinHdlzJy_wTaySSE7Rjs3Iw84F_XvobiYAFBa4cjg==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/218686/ 147 B
322 B 5109ms
37ms XHR
application/json 54.75.159.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/218686/visit-data?sv=6
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 12:08:06 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 218686 Show response
vc.hotjar.io/sessions/ 0
256 B 5064ms
35ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/218686?s=0.25&r=0.21512776697011327
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 12:08:06 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: zvoCYeAq3i19Olh7Rh18HywtrDoNOAzj5YBVcnE8UXK_sJSrk1lE2g==

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 8CDD 85 KB
19 KB 9ms
8ms Script
application/x-javascript 2600:9000:2057:ac00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ac00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 72
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Mon, 13 Sep 2021 12:06:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: siEeTr__XUQU9T7Y9PeDHUDwupl2CcB8ccVt0ahk-f8qZCQqKTFZqQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame 8CDD 156 B
517 B 5505ms
173ms XHR
text/plain 52.36.204.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.36.204.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-204-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

96d2177175f0d12be7fec8e996dc51c29c8d40ac9ed3c5e72ee1726c8dcc5995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 12:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
608 B 960ms
960ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 2dc32577f735a2e738e8213daa1f8e3e75b2009beba2fc0b778925e82816e2a4

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:04 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: eef04d93-bc2d-461a-b613-f759352a4776
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f24-79c8480309f026af00c1c967;Sampled=0
x-amz-apigw-id: FmbNsEYEywMFy0g=
content-length: 240
x-amz-cf-id: Ym8bxP4nmyBTulcEvP86Cnwxtq8uLnnqtfZZ7NX7lN6sQy_LUTA7fQ==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 869ms
869ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:08:03 GMT
x-amzn-requestid: 59028060-e893-4fcf-b2bd-bfa99ae4a8a1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbNjHh1ywMFl6Q=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: p3Sb67Lic2pXj61_gSYEv3ZIyMoT8FFV4o0GvQqE163lPF9Yj2-WMA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
609 B 944ms
943ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 2f174ac91b582362df273e9dacd84d08551dd5605a8c913c05482b73be003ace

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:06 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 90fb3ff0-143b-4961-9a29-b3a2af09b760
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f26-233a85f47e8d38c8382f7718;Sampled=0
x-amz-apigw-id: FmbN-FzaywMFz8Q=
content-length: 240
x-amz-cf-id: 5_rIxc2_X9qhVvc4h0qrzoW9MAQytVVUvgt6qUYVQIfGI4cerR0PDQ==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 1161ms
1161ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:08:05 GMT
x-amzn-requestid: ff077aff-5a20-44c0-9a2b-7ad1c0aec855
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbN2G3TywMF02A=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Kcu97sIzZYyQ4gjZClLm80L7N1gEMDGvYIjwFS916hpVikKG2bKHzA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 1275ms
1275ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: c4db29d358e1cfdc8e4c811b2089ed2dbfd046ebb7e7b6cbef74f2f691231b01

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:09 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: ac14e1dd-46c2-41a3-bffb-ff6cb54f0a56
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f29-39e7bc023706920c22be9343;Sampled=0
x-amz-apigw-id: FmbOiEejSwMFbmg=
content-length: 240
x-amz-cf-id: PKJNqJljUEm5a5nGGCck1jHuLJy2BAyAo6Owfd7hIfqo03WafuXbmg==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 866ms
866ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:08:08 GMT
x-amzn-requestid: 5a75dfaf-9718-4450-853e-1e0607701dd6
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbOXH4pywMFZhQ=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: iZiaBmt_BvsOU4VZ897xsvg4hKFhRPRaG0cwv5G_joE0a4wjB8SJPA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
609 B 972ms
972ms XHR
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash: 70a484e8c1bddc62ca4db4a30b6b9230cf5cd357c1cc93a79d5e75e482d27026

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:11 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 9d116fcd-e540-4f54-ba77-d2a24e29ee69
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-613f3f2b-170bba784d257ce04c10a764;Sampled=0
x-amz-apigw-id: FmbO4HujywMFhHA=
content-length: 240
x-amz-cf-id: GEErO3ZzO_nfJyNZaSgzE5a_D8UKqL7lB03qOZU05OhjIpoMIl4rDw==

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 1158ms
1158ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:08:10 GMT
x-amzn-requestid: f19ef58d-f650-4411-a49e-746e4ef9e385
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbOvFufSwMFS5A=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: keTfj1gAAeK0u1URSdJ5U-ezrrq3fl5iBPxXHr8mSjdFEZHxyIGc-A==

GET
H2 200 core Show response
js.driftt.com/ Frame AA68 2 KB
1 KB 81ms
80ms Document
text/html 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1631535000000/hufwzswdze4i.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ce3a8e781c267770ccfd0915f0e3e220d3e4a867fb2a790b5d7672e3090a79e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shellshock.qwilr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 09 Sep 2021 18:31:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: CiHjnzgVfjYG05SlDCTgzbdrdzfUIa3A
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 13 Sep 2021 12:08:12 GMT
cache-control: no-cache
etag: W/"544d0bc425b7cdb0d7414d98ff3b1d08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: m4x3g855sEEve3Ih0ZagQSTpVIy3jS-3fQilMYXG5VQnzxxh-_-1tQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame EEC4 2 KB
1 KB 301ms
300ms Document
text/html 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1631535000000/hufwzswdze4i.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ce3a8e781c267770ccfd0915f0e3e220d3e4a867fb2a790b5d7672e3090a79e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shellshock.qwilr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shellshock.qwilr.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 09 Sep 2021 18:31:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: CiHjnzgVfjYG05SlDCTgzbdrdzfUIa3A
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 13 Sep 2021 12:08:12 GMT
cache-control: no-cache
etag: W/"544d0bc425b7cdb0d7414d98ff3b1d08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qgLG_cyl1TnkMHXwvTwlK6BG-VHsdXYXAUGUNSrE5-Wde5C9DUuiwg==

OPTIONS
H2 204 qtEei0FCTc6X
api.qwilr.com/web-api/boomerang/ Frame 0
0 276ms
275ms Preflight 3.105.131.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/boomerang/qtEei0FCTc6X

Protocol

Server

3.105.131.214 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Sep 2021 12:08:12 GMT
server: nginx
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
access-control-allow-origin: https://shellshock.qwilr.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: Accept,Content-Type,Origin,X-XSRF-TOKEN,X-Requested-With
x-powered-by: cloud66

POST
H2 200 qtEei0FCTc6X Show response
api.qwilr.com/web-api/boomerang/ 2 B
381 B 315ms
314ms XHR
text/plain 3.105.131.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/boomerang/qtEei0FCTc6X

Requested by

Host: shellshock.qwilr.com
URL: https://shellshock.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-28b457ae626dfd4ce854.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.131.214 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-131-214.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://shellshock.qwilr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 12:08:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: cloud66
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=0
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://shellshock.qwilr.com
x-permitted-cross-domain-policies: none
access-control-allow-credentials: true
x-dns-prefetch-control: off
vary: X-HTTP-Method-Override, Origin
content-length: 2
x-xss-protection: 0

GET roundtrip.js
s.adroll.com/j/ 0
0

GET
H2 200 runtime~main.68021def.js Show response
js.driftt.com/core/assets/js/ Frame AA68 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

50ae9d78a7b69111bb03ed33ca823d3ee0c755d610add835c6b361fcfd8cc65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:54 GMT
content-encoding: gzip
age: 322577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:22 GMT
server: nginx
etag: W/"81bd56c63b8ffbe60b65dd05c43b438c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K_A6pQmr5sP8jB8yh1IKOLGVWGnZ07La
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n_I1sYSw_I1DvDa3-MWK7Do3x_K_4pS9A9p2vjlY8H3juD8SgkFSQw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 58 KB
20 KB 29ms
29ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AktpDdynrLhG5xR2In9XjG4c39UQFW2J-VIKOYYlsq8nb7WZU07z-w==

GET
H2 200 main~493df0b3.9484fac4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 6 KB
3 KB 13ms
13ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.9484fac4.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b6cd35027a476c7c738f691de0117aaf57c5e5d19aaabe57fdf3d44564985cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
content-encoding: gzip
age: 852086
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:35 GMT
server: nginx
etag: W/"300b7a64284a020b2477366d0ef314d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cYIE4PfTGmvduZkwkfOjG4yw.AHPOCjX
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hoY47Ud4whdFPgxhpuZxJyIyZNQBe6U5klQjXIt8wnIn6h9rzBZ_Ow==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 44 KB
13 KB 9ms
7ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:41:58 GMT
content-encoding: gzip
age: 3882374
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Jul 2021 13:31:10 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1YCzDLaWz5s9VmMBrNnONETxLHvnH5Mc
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3VdkH5q1WWmNCBfu2TqtZw80IejlvwjVx2efhLN65Pr9_i2aJG8OYg==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 44 KB
13 KB 36ms
34ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:46:52 GMT
content-encoding: gzip
age: 876080
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 13:56:15 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tH6yixdodWlxFA_WVMSHZAGEkCkSqYIj
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DQ8GjSS9ydN7rzc1g0Enzi6Bl26_HUkviUSw4eQfsWMqHLJnZAi0zQ==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 25 KB
8 KB 19ms
17ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f3Zy7jD4xJodWqmUFbJa8ddp2xonuIECX_6xjrqvCSTAf5fWKnSEEg==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 16 KB
5 KB 45ms
44ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s4NXlBQ7PgGRrADV8-SGd14d74VIsE6wIuVQzuoMCnSDOimlQdWDtw==

GET
H2 200 19.990a7667.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 68 KB
21 KB 46ms
45ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.990a7667.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 857088
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:01 GMT
server: nginx
etag: W/"e90795967e116591284f1b56d8085a5d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sqAeBNndNqCDnUDpxtBkko44xwryPo34
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GQwMQJ8lvgxPLvdMBGrdmQYwAappFy7QgqKPbf2KauG773sI4LtjYg==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 16 KB
6 KB 24ms
24ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: taKl-xYZaGGgCu-xLOfy8SziFQTWXMgiOJxm-kLtqvUs7-ODabvxXA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 59 KB
19 KB 99ms
98ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S53NFw0Kw0up58DPcm-EhdVGmpXaoIuIV6u0jrV943Ul26Psg8dEgw==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 91 KB
28 KB 120ms
119ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IoTv_xFr-ZXwm7xg6oOWhUB0cNMGeB2hm-NxGSw3mC5toji4PF2rFw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 23 KB
7 KB 50ms
50ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HbqY5zKCJq3nb7fwJkDk4fQHi0IkEhsSlKI5ItJ99Vc8wnOMjWnDNw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 62 KB
19 KB 103ms
103ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LLzwsiUd2NiqZQoVd07PXwdOQohnuaRWE-P5AOG2cFmjnhtjLqU00w==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 105 KB
34 KB 152ms
151ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -Q-R8IPmekZt4A33QUCGEYqzuyEiIAjHXWEXGK45S8_wOx4lbrba7Q==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 12 KB
4 KB 150ms
150ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DDCk13qdI9qtQYpHd4IrHjpcGHRyE_dvORPUA4A3X-o-u3qFPFwowA==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 12 KB
5 KB 137ms
136ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sKiBZPDvBwN8je4edQqdsrmBhOCdVr-X47k9kf34YL_h9MJd-jRc_A==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 17 KB
7 KB 150ms
150ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9xBbsMpi3oA9_-Dds_9to8o9zkCinhLI81rDliuafkdJATBCs_Knjw==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame AA68 12 KB
3 KB 152ms
152ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 1447927
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U-4_YQOWc9tS8LI1a7QWnT0I3KqLB9i6_IYuitREdXHNun6BkAT5Tg==

GET
H2 200 7.91ba1517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 70 KB
21 KB 141ms
140ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.91ba1517.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 422861
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:43 GMT
server: nginx
etag: W/"e31621c6ca6e135e537a9dfa1049434f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vczZQgXoO.uqP6FiSFSNBccGF7xrJ2AC
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SJXtQX_H0kDWTCYTViPn7mWpcH_mLoX5zeyjMEGPrMJfCV-M-qhZXA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame AA68 24 B
666 B 152ms
152ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 3256554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YES6B2Rv0QuUE3RZsFTHoJ6NmZHg7d3v1qotOerDCPQ3o6StIBprKA==

GET
H2 200 14.878d84dc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 71 KB
18 KB 153ms
152ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.878d84dc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 422861
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:41 GMT
server: nginx
etag: W/"0ed7c022cdd25d839293a533b47491a2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JaFnYD_9ozyFk7Pk7zw3.oXS95ZlGb_e
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UOsj7JHDmF4NfeUWpr-4dGcJj7oo-g_V2NW5m2SPxS1ytN9lY077oA==

GET
H2 200 21.9e698d6e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 44 KB
12 KB 142ms
142ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.9e698d6e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

868fac3e15ca3d8e5c86566d30fab124a51d7c55f28b0f3e02fb0955637d33da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:55 GMT
content-encoding: gzip
age: 322577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:20 GMT
server: nginx
etag: W/"2f0af2235cd5cd822e0c7445048e2245"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _44YQTMrsnqAym_3I8FtblQ81g5W0oXV
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D-Kbq_5hmBWUFbHWi9ATKL8dX72sNo1xFAkgCeLVIgfzp0qYptB2cw==

GET
H2 200 13.12bf9006.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 37 KB
12 KB 146ms
146ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.12bf9006.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bcd6abb1fcb410d9b061a036e15afa6ea6518b679757f5dd6bc87d27d50dd8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:55 GMT
content-encoding: gzip
age: 322577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:19 GMT
server: nginx
etag: W/"d98fd2c46bdc5c3cdfef54883342ef30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfYbEafvN7r6n22gYUUeH.thV2azNFhH
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e3rvIMJJYDf8DKsGgAVvC25aBnfkzyGLL_4O_DS6nUFxu355IOg_2w==

POST /
sentry.io/api/1485028/envelope/ Frame AA68 0
0

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 44 KB
13 KB 8ms
8ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 3442272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7TgEocsNTUyqtvAMfmAhBAaJWnrpVQx
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9Yjx2jLY8C9g9qvsKJzrPDyEyMumN5BpGV4PzwJ8Cam47_M27UJDng==

GET
H2 200 25.ff79a1b3.chunk.css
js.driftt.com/core/assets/css/ Frame AA68 8 KB
2 KB 9ms
9ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.ff79a1b3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fe4979bacb0e09f7aaed1c69dc2e0fc3d0134f62022d04bdbe4a8d4728701d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
content-encoding: gzip
age: 852087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:30 GMT
server: nginx
etag: W/"ee2864ae799c33f0f2d115315233a9c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WXr5O6YgCJ7Y3h3j4uzACRnTLS40F5Vg
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UkbHuYkaSmw_DnWmwkWPT_Y7UXVXqBB6kCOKu8dRWrK6qn9XOfG9jA==

GET
H2 200 25.29ce1042.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 11 KB
5 KB 9ms
9ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.29ce1042.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5195ae4475947a66e8a91207a3b6260a96d913592ef9c76d413efe8e825ffb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
content-encoding: gzip
age: 852087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:33 GMT
server: nginx
etag: W/"54f1c7356484fe9af4a4f1e3cc44a2ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tLd0sjRaiv3zUl_LgNt_IpWX2iJj6ENL
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k_D6rkVEsoX57flSN-1GuZG8-uFnGRRbZ6bqpZzF3c7kHkU6dBN7Qw==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame AA68 365 B
1007 B 8ms
8ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 852087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 03 Sep 2021 14:38:30 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UKSWsWGbGioCjmYeX_nlq0JBJLACRmtV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _C0YGu0S-JJCHYwrEeaTCiPBUut18bH6oZ2kc8PRd9JBL5pu7HgvEw==

GET
H2 200 17.8fc08469.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AA68 83 KB
23 KB 9ms
9ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.8fc08469.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c08dfa477b41737222089142eac55a9303ca97a7200d1500d08b4c36f8eca562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=hufwzswdze4i&region=US&forceShow=false&skipCampaigns=false&sessionId=a06dd6af-dda7-4b5a-aa43-7da1097a8dc6&sessionStarted=1631534892.632&campaignRefreshToken=28ad01dd-d544-41df-b42d-5e2550472b19&hideController=false&pageLoadStartTime=1631534861648&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 422862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:41 GMT
server: nginx
etag: W/"88b50e56f4905c6d04bd798e5e354ffc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EKP1IggF95nXhNGDKVeZGiwRfHDi_.G2
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kqmvo4InkKzT5Gq9-ibkxvgAoqaX6J7WMzL_f5IQKY7MVIA8e6RctA==

GET
H2 200 runtime~main.68021def.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 6 KB
3 KB 7ms
7ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

50ae9d78a7b69111bb03ed33ca823d3ee0c755d610add835c6b361fcfd8cc65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:54 GMT
content-encoding: gzip
age: 322578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:22 GMT
server: nginx
etag: W/"81bd56c63b8ffbe60b65dd05c43b438c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K_A6pQmr5sP8jB8yh1IKOLGVWGnZ07La
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IR59TCknCIYYA5QOaQpUPkIxJI-0cqiyltIS0fAk829KquCZ_3J8xw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 58 KB
20 KB 8ms
7ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cAVsFkjqtcC-CGx9dai4iB1OSMUZBYMZqij9GKCXngkkETK29_g0Ow==

GET
H2 200 main~493df0b3.9484fac4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 6 KB
3 KB 8ms
8ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.9484fac4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b6cd35027a476c7c738f691de0117aaf57c5e5d19aaabe57fdf3d44564985cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
content-encoding: gzip
age: 852087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:35 GMT
server: nginx
etag: W/"300b7a64284a020b2477366d0ef314d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cYIE4PfTGmvduZkwkfOjG4yw.AHPOCjX
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mUSlp8l899CjnveDcOxsrgipuvUC3ijcyy0eMVxixdAbQDCHBdc_gw==

POST events
analytics.hx-qwilr.com/ 0
0

OPTIONS
H2 200 events
analytics.hx-qwilr.com/ Frame 0
0 1159ms
1159ms Preflight
application/json 52.222.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Protocol: H2
Server: 52.222.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shellshock.qwilr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 13 Sep 2021 12:08:14 GMT
x-amzn-requestid: 64917e0e-0735-40cf-b7b2-e756c579ec1d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: FmbPOGU1SwMF_Zw=
access-control-allow-methods: GET,OPTIONS,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: VUkM9HQrumF_Wdf5Lx5POdlKFsIjAjfUhENhAgHFc3wcDN2Iaa9Gng==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 44 KB
13 KB 8ms
7ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:41:58 GMT
content-encoding: gzip
age: 3882375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Jul 2021 13:31:10 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1YCzDLaWz5s9VmMBrNnONETxLHvnH5Mc
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j9iq0MCTX0IVK0QOEHKFnvehhbEvgBkZb1aYYbaUYMOs_0NkQfPZPw==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 44 KB
13 KB 9ms
8ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:46:52 GMT
content-encoding: gzip
age: 876081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 13:56:15 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tH6yixdodWlxFA_WVMSHZAGEkCkSqYIj
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wzY6YcXbGqvt_7-m_-5FNTzZLJm6tDK_Bs92TuomMsJ1V9nMP80z9w==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 25 KB
8 KB 9ms
9ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sliggDmXRivJrHRyZ7WTMrAfH-W3rpSYxDsEs0xuIErUIDWKRy5FMA==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 16 KB
5 KB 10ms
9ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1mcQPh7pbI3yFkzCBNIWtC5xEuAm7yR-jpmQBTE3fN2vXh3d5dS8nw==

GET
H2 200 19.990a7667.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 68 KB
21 KB 10ms
10ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.990a7667.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 857089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:01 GMT
server: nginx
etag: W/"e90795967e116591284f1b56d8085a5d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sqAeBNndNqCDnUDpxtBkko44xwryPo34
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YL957hTliNmjoVii45IBXpPBqcmoZc8GdSv56cnoehfUoOCxaqQNfw==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 16 KB
6 KB 11ms
10ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: irFlGrxyI79M1dgthIVF6wOE7Psxbb1RSxOpYWbU6-xz7OIj4T3nKA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 59 KB
19 KB 11ms
11ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JTkSZM7qzp82nSLqN-n65HMhGZG_YrPuJVsN5uI1sfzbKUawETYolg==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 91 KB
28 KB 12ms
12ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0QEiJdaB6ehJnpha6K5S-CbeYLinwxeEvAdVM85-pVdu0bBtSq1t2g==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 23 KB
7 KB 12ms
12ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E3ASh7gKKSZwDmLr9NE2AENvEewA61ifjQr9XNEeqxZluZrEyrVeyg==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 62 KB
19 KB 14ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z4_buwHNZUhLgZLfheKD9lg2bp_2ybhww_EZX9e62tRTLFtVoHHkjQ==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 105 KB
34 KB 14ms
14ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tovivz57R691qpfG_l1lpEIyz2CmB3LR7HI3bTjSxy0BEdaxl-7fBg==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 12 KB
4 KB 16ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zmIQlE0elqYnZUGS8lLv_nW-8Gio4EICse_UwdNtkUw4VZueAlmiug==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 12 KB
5 KB 16ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 09-1NGe_29HRZV0WH2TqswxeCS_0BkwBG-T4CzvzAjAye3v1wZ4BVA==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 17 KB
7 KB 17ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zdb9J-nKI4uiNZ4RWfMo5CA72Xm_8LCBhSTmzoJHvevmkupV31-vHQ==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 12 KB
3 KB 17ms
17ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 1447928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IqFoJxrWUBCHsztnJ_ISfsW0ZowoaDC4ZpzuZ2Y0tw1Kt7tgkX-OsA==

GET
H2 200 7.91ba1517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 70 KB
21 KB 17ms
16ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.91ba1517.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 422862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:43 GMT
server: nginx
etag: W/"e31621c6ca6e135e537a9dfa1049434f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vczZQgXoO.uqP6FiSFSNBccGF7xrJ2AC
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cI1Jnf4W8LZYm4gnpjDFg9lsr4VHB5WI566K59M3_8v3lmQZEwf5MQ==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 24 B
667 B 19ms
18ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 3256555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YKHRtjheAubHf1kZDHMal6T9s-dwWEMmBCNjlQQeHAzV-EEjkvkMUg==

GET
H2 200 14.878d84dc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 71 KB
18 KB 19ms
18ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.878d84dc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 422862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:41 GMT
server: nginx
etag: W/"0ed7c022cdd25d839293a533b47491a2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JaFnYD_9ozyFk7Pk7zw3.oXS95ZlGb_e
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E6lDn2dkQJUbw86OC7PGz3APynqdnp87yCSrCFq2FJzyT7lpPXKeNA==

GET
H2 200 21.9e698d6e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 44 KB
12 KB 19ms
19ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.9e698d6e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

868fac3e15ca3d8e5c86566d30fab124a51d7c55f28b0f3e02fb0955637d33da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:55 GMT
content-encoding: gzip
age: 322578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:20 GMT
server: nginx
etag: W/"2f0af2235cd5cd822e0c7445048e2245"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _44YQTMrsnqAym_3I8FtblQ81g5W0oXV
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PMVic07YVG3mjrG2BOKUamP6eCD0Gzb2110P-M0zqoy0WvGEHG_5YQ==

GET
H2 200 13.12bf9006.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 37 KB
12 KB 20ms
20ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.12bf9006.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bcd6abb1fcb410d9b061a036e15afa6ea6518b679757f5dd6bc87d27d50dd8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 18:31:55 GMT
content-encoding: gzip
age: 322578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 17:51:19 GMT
server: nginx
etag: W/"d98fd2c46bdc5c3cdfef54883342ef30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfYbEafvN7r6n22gYUUeH.thV2azNFhH
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: raJYmgyVZ0B2eugbmHp3aNlslHfHwq4rzXjk02HodFD5eVPxeQZ4yg==

POST /
sentry.io/api/1485028/envelope/ Frame EEC4 0
0

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 6 KB
1 KB 14ms
7ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 6554306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: z1046mKm_4hq3JswtESdOFyso7tbiPmY0r2t46-lisdy0ora5dU-DQ==

GET
H2 200 30.894b0c48.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 2 KB
2 KB 84ms
77ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.894b0c48.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 1792796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oTk.1igsNjrA3psg1hKGFNuJF2l7cLg8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Howhx_POJJo1UzaXZjQXQW1-wD1PvsBP7xo_HLA-ePZiIpZGpE46iQ==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 7 KB
2 KB 8ms
7ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 5847812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LUlrce0kd7-XQh2Y20Cgwhq4bKaPEQ9bgevhiPhgGRWHxqe9-c6mQg==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 54 KB
16 KB 12ms
11ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 3442272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AFG6DRlu2vn3mecQyN5Cs0AjwxzIvBqCpf82olIak8wVhnqgTwZE0g==

GET
H2 200 0.74cb0a00.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 40 KB
7 KB 12ms
12ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.74cb0a00.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:36:35 GMT
content-encoding: gzip
age: 2136698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 17:56:35 GMT
server: nginx
etag: W/"1f6bbf72b2bba8102c81383a03c695a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Lf8x9tVb3mMVaREwOaIaliehk9zjSTkv
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wu2cLZhM9OLqwk_eLeua6QYGY30DyGGv-K_YBAoaxLI6f7esqn36Dw==

GET
H2 200 0.22d953d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 64 KB
21 KB 12ms
12ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.22d953d2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

146945a8867e5050999f88b2fef23e4748fe575b9572ac8ba42560445e87e8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 857089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:00 GMT
server: nginx
etag: W/"f5ce70523656fcd9cdf86e6fdc73e526"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fOs0GdiFN5obF2XMGGj136F1vmf2OpUE
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4qJkAeHw1s5K7_tzPIonk1ku531WUss4LUZdOnzJ0tmxaSB4glXENQ==

GET
H2 200 28.a35d8593.chunk.css
js.driftt.com/core/assets/css/ Frame EEC4 11 KB
3 KB 13ms
13ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.a35d8593.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 1447928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"4e87789253b9d2feb20461043b23122f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: J1sEuldtMhnAnjgvjFcK0h4LMaWYJ2d9
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gXfXfQHTjMKcHFSDG1ezuEsRISWKOsxZJmXvpYx7AzqNzMWu2P9RtA==

GET
H2 200 28.8f1d2644.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EEC4 11 KB
5 KB 15ms
15ms Script
application/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.8f1d2644.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.68021def.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fc2aaae86d63788ddeb3895417184cbf89d527fce2a94a2da520519694817620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1631534861648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 857089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:02 GMT
server: nginx
etag: W/"90e5543b49e9770e3fe32e36e996a6d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oOwe9ihFLsb1DqsBLLAit9AJSinvX.XE
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KXWtFuyj4cmyQrwvY7QKcIW_bSpzCFfAsdPWYdqpAIpNRf7_upIKqg==

OPTIONS v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0

POST v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame AA68 0
0

POST ping
bootstrap.api.drift.com/widget_bootstrap/ Frame AA68 0
0

OPTIONS ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame AA68 4 KB
739 B 48ms
47ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.12bf9006.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 10:31:55 GMT
server: ESF
date: Mon, 13 Sep 2021 12:08:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 12:08:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js

Domain: sentry.io
URL: https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Domain: analytics.hx-qwilr.com
URL: https://analytics.hx-qwilr.com/events

Domain: sentry.io
URL: https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Domain: bootstrap.api.drift.com
URL: https://bootstrap.api.drift.com/widget_bootstrap/ping

Domain: bootstrap.api.drift.com
URL: https://bootstrap.api.drift.com/widget_bootstrap/ping

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qwilr.com/	1970-01-19 21:22:19	Name: RT Value: "z=1&dm=qwilr.com&si=4aa57fbd-8a14-4dc8-8636-82f6700cfe88&ss=ktilq2ix&sl=0&tt=0"
.unsplash.com/	1970-01-20 05:57:50	Name: ugid Value: 0d4166fbec9565aad69d391c2ae57ec45438449
.qwilr.com/	1970-01-20 14:43:26	Name: _ga Value: GA1.2.895846310.1631534872
.qwilr.com/	1970-01-19 21:13:41	Name: _gid Value: GA1.2.589414700.1631534872
.qwilr.com/	1970-01-19 21:12:14	Name: _gat_gaIntegrationTracker Value: 1
.qwilr.com/	1969-12-31 23:59:59	Name: kvcd Value: 1631534876156
.qwilr.com/	1970-01-21 17:00:14	Name: km_ai Value: bthIapE6Ku6Q7Io8OF8OC3WKgGU%3D
.qwilr.com/	1970-01-19 21:12:16	Name: km_vs Value: 1
.qwilr.com/	1970-01-21 17:00:14	Name: km_lv Value: 1631534876
.qwilr.com/	1969-12-31 23:59:59	Name: amplitude_idundefinedqwilr.com Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.qwilr.com/	1970-01-23 12:48:14	Name: amplitude_id_e5e5d321dcee948b3a9b02c948ee0117qwilr.com Value: eyJkZXZpY2VJZCI6ImYyOTNjZmQ0LWE2MmYtNGVjZi1iYTQ4LTg3NmQ3MzE0NThmNlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzMTUzNDg3NjE3NywibGFzdEV2ZW50VGltZSI6MTYzMTUzNDg3NjE3NiwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjF9
.qwilr.com/	1970-01-19 23:21:50	Name: _gcl_au Value: 1.1.558436203.1631534876
.doubleclick.net/	1970-01-20 06:33:50	Name: IDE Value: AHWqTUn0kWyHqV8GaOz-3WQzYwMk76fUcTOBDI_aNHSPyaggK2keMhnn4e0jryvV
.qwilr.com/	1970-01-20 05:57:50	Name: _hjid Value: 8ac464b0-9f92-4aa4-8d51-f675eef7ec02
.qwilr.com/	1970-01-19 21:12:16	Name: _hjFirstSeen Value: 1
shellshock.qwilr.com/	1970-01-19 21:12:15	Name: _hjIncludedInPageviewSample Value: 1
.qwilr.com/	1970-01-19 21:12:16	Name: _hjAbsoluteSessionInProgress Value: 1
.linkedin.com/	1970-01-19 21:55:26	Name: UserMatchHistory Value: AQIA88D6waURLAAAAXvfDptpq-znriDXRnT1_2w7GT2I0x0rzf0qKd4v5oftUmF3CTfVhKNAFwRLUg
.linkedin.com/	1970-01-19 21:55:26	Name: AnalyticsSyncHistory Value: AQLTX3lIQqzrkgAAAXvfDptp8WnTFeFg30yO6LaAuQrcq25Yt-cUxbrUk02gHECdUWRv1YSs3yl4B1EbVTFA-w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:44:08	Name: bcookie Value: "v=2&b6cee6c8-9cdf-4b7f-8e63-d1b555f6f31a"
.linkedin.com/	1970-01-19 21:13:41	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2501:u=1:x=1:i=1631534881:t=1631621281:v=2:sig=AQGtMXfRU5eQo5-B8hckGyacaA4Pvd9Y"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:44:08	Name: bscookie Value: "v=1&20210913120806e13ef5d5-8950-49a8-8f88-3596c887ce5bAQGi61t089hSmOOkPrC-k_C0NrMbTrzJ"
.linkedin.com/	1970-01-20 14:36:48	Name: li_gc Value: MTswOzE2MzE1MzQ4ODY7MjswMjHTgnBznjoy5sDxn8jPJNBqPzc7spY1TbbFTOtxMjgsQw==
m.stripe.com/	1970-01-20 14:43:26	Name: m Value: d979fc84-ec85-496a-82f4-2262e75b25eac778c1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.hx-qwilr.com
api.amplitude.com
api.qwilr.com
bootstrap.api.drift.com
cdn.amplitude.com
cdn.segment.com
connect.facebook.net
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.unsplash.com
in.hotjar.com
js.driftt.com
js.stripe.com
m.stripe.com
m.stripe.network
metrics.api.drift.com
o11981.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
qwilr.imgix.net
s.adroll.com
script.hotjar.com
scripts.kissmetrics.com
sentry.io
shellshock.qwilr.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
trk.kissmetrics.io
url9254.weareshellshock.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
analytics.hx-qwilr.com
bootstrap.api.drift.com
metrics.api.drift.com
s.adroll.com
sentry.io
108.174.10.14
13.224.193.121
13.224.197.80
13.225.78.91
13.32.22.41
13.32.98.64
143.204.98.111
143.204.98.69
167.89.118.52
172.217.19.98
18.66.112.79
2600:9000:2057:4400:6:a3a2:8fc0:93a1
2600:9000:2057:ac00:19:7d10:bd80:93a1
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9b
2a00:1450:400d:804::200a
2a00:1450:400d:807::2002
2a02:26f0:fb:5b5::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a04:4e42:3::720
2a04:4e42:400::622
3.105.131.214
34.120.195.249
34.238.181.251
35.81.185.185
52.222.206.6
52.222.214.65
52.36.204.98
54.75.159.38
031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb
060a5700aadeaadf3f42ee252f109e67e9182d2d9bce2cb28c34baf6ecb76ddc
0f43deba2a8bb4dfca7da4de119ecdf98c4b6c07ff5ecd6971c826a2c4f54478
133ae1f7e8c7fb9af68a03174a4e9542c931bf77a62f8e4c5b613fa5d37a20dd
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
146945a8867e5050999f88b2fef23e4748fe575b9572ac8ba42560445e87e8b7
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
161de0f32cb3c4cb3091b0be7c47c4cb5f87f856705e75e680ff9ccf98cce9a7
16accd5e5bee7caede4ee6a16f9c0bf4217d1fa66029a015780cff2102260dc5
1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87
1f08a49f9f117949d520b3607b65637b1f8db03059c6b24615fb831d7a3606c6
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
257eaca77e4e9676c6a7ec8bf01e55945dc816ac7841862bf63ea99cbb831c7f
26fe64786c8b2e621e1a94a8643577cd7e3eb887b41f532e6fd61694c74f8d6c
2dc32577f735a2e738e8213daa1f8e3e75b2009beba2fc0b778925e82816e2a4
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
2f174ac91b582362df273e9dacd84d08551dd5605a8c913c05482b73be003ace
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549
47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
50ae9d78a7b69111bb03ed33ca823d3ee0c755d610add835c6b361fcfd8cc65d
5195ae4475947a66e8a91207a3b6260a96d913592ef9c76d413efe8e825ffb3d
51e3fc1aedbd5112b9de3894a5f72c2ba996877d3a10d40a1831d80898ec349e
561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f844485ba9b6da518ef7bbba1a08536320174898d18db7dbdc0dea4e0ed4f0b
5f982832f9e592181d924441e1f02a9bc8cbd4f089696e2bf9d23d9289ea395d
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b16071df75cfbbec5c645c7f4088571eeb6708f2662c71d031b00a6498a86ca
6ddd9c1c68e34ac49bf369e33ec4c2a86ea2ed836ad01e83b636d43c298f181c
6f50fef278a537c957533d09c7077f92f845b2f0997198e95aa4dd9747adb5eb
70a484e8c1bddc62ca4db4a30b6b9230cf5cd357c1cc93a79d5e75e482d27026
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
72bf9a0c3112d057cb3045a7fce3a5da70ad89fb1773abc0e43b28b454ff95fd
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
7dc0ab0e4b48c9ef58cdd70f865e0c16a9370e37b27432dd968ebe2cdd0b9327
807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868fac3e15ca3d8e5c86566d30fab124a51d7c55f28b0f3e02fb0955637d33da
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8f7f695b09f97fead669fffee47ae65904c63411662180fb971a75d3ef304b14
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
956624a0be6974a0bac30ce7e56591a51d232df2e7d307f8d338ffc80de45f08
969ae5a33dca786a0d676818f5e0dcf37c14c38a17a17655525388f76b85e101
96d2177175f0d12be7fec8e996dc51c29c8d40ac9ed3c5e72ee1726c8dcc5995
97a53d662bfb1069fa5fc27b400a2ea4d78c5e81dc411a6f90e955de8808b0c1
97d02b3a5bb5cf6fc24b2a015a2a19d813d3a3114afc140dbf1a8038b8212c89
980478fd3e0038c7bc424c5d7718b6eaf955b9ad894e8fbe98202713083ae69e
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a2d15a03d312cd03a914ecedd0b081e36b3cbea3df38ca0636b52996d50badad
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5fe6fb5f161634a0e8d1f76a22b52a7cac1320794e04a772d4983f677433332
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
afc960c1b1194eb1128c49882776859655504dd2e4f333ab3e0ee5dd19ae7cb2
b227f0d063a3ad248f48f4e01e713989d85d88760ba5c034956f7ee040519c00
b6cd35027a476c7c738f691de0117aaf57c5e5d19aaabe57fdf3d44564985cb9
b7d02e0563e74ff7753d68427f91745617b6cfdbd4824c94103bea06ba3b2522
bbd3877879c3c2d802ca1f5360c3b53eb6efcc2ddbb9e51224ab891ee45c643e
bcd6abb1fcb410d9b061a036e15afa6ea6518b679757f5dd6bc87d27d50dd8e1
c08dfa477b41737222089142eac55a9303ca97a7200d1500d08b4c36f8eca562
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c36727eab6467d5dd50854a57f423043bb526af8043810cfa676e7e901938864
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c4db29d358e1cfdc8e4c811b2089ed2dbfd046ebb7e7b6cbef74f2f691231b01
c4f57d46aed962a8907d1af9388d0e4244933b4e0e65a83d72e057f9028cb4d3
c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cd8c7e0c683adc1426ae0a095ed20a68064d8c7028d6997ec95460165a403419
ce3a8e781c267770ccfd0915f0e3e220d3e4a867fb2a790b5d7672e3090a79e0
cf2600aff4ffa2b0c1910078e40fc82f91862b9545e71117bccd91e8af97af9c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7ce33f1abdd208a2e6a33bf13729b6e89a5583e029193d94481cfde828f86b5
dbfc043260cc75d64f206ce1a36b5e0f079c9c9b0cefc1755703d562a5ce1798
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247
de83860522de31659f84f2198fc01e805bff902971ff49c356c1e330cba4b0a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
eb719e715e3bdbb905bef38bcd9c46b6dad1ed2ecc230b045b73f7c24716fa4a
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ecade4e62b7c8918b0fe4eeb7674f870b298fc0136f8943b2432fcd7e3f669a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0018f092741780ce8bc1f5fb9825eac163270f9daa468a46c5b1ab9d5c17956
f4247a80d875018599341cc3986078108328e639a8b465bcdac4760f7c67c671
f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fc2aaae86d63788ddeb3895417184cbf89d527fce2a94a2da520519694817620
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fe4979bacb0e09f7aaed1c69dc2e0fc3d0134f62022d04bdbe4a8d4728701d67
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

shellshock.qwilr.com Open in urlscan Pro 2600:9000:2057:4400:6:a3a2:8fc0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

95 %HTTPS

46 %IPv6

29 Domains

40 Subdomains

33 IPs

5 Countries

2687 kBTransfer

10018 kBSize

26 Cookies

20 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shellshock.qwilr.com Open in urlscan Pro
2600:9000:2057:4400:6:a3a2:8fc0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

95 %
HTTPS

46 %
IPv6

29
Domains

40
Subdomains

33
IPs

5
Countries

2687 kB
Transfer

10018 kB
Size

26
Cookies

162 HTTP transactions
0 data transactions