symantec-enterprise-blogs.security.com Open in urlscan Pro
2606:4700:10::ac43:69c  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request daxin-backdoor-espionage Show response symantec-enterprise-blogs.security.com/blogs/threat-intelligence/	63 KB 17 KB	841ms 788ms	Document text/html	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d7968fb0c7255bcd99c46d3158a988d98fdb52c85bd93f0386bea7d0f5f3aef Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 01 Mar 2022 17:15:26 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-xss-protection 0 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cache-control public, max-age=60, s-maxage=600 vary Accept-Encoding via 1.1 vegur cf-cache-status EXPIRED expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6e5388dfeb949296-FRA content-encoding gzip
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	19 KB 7 KB	33ms 15ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 tIKwvumWYF6u8xFeFGeRKQ== age 1723 vary Accept-Encoding content-length 6486 x-ms-lease-status unlocked last-modified Mon, 28 Feb 2022 20:23:36 GMT server cloudflare etag 0x8D9FAF833271C8F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 606ca165-601e-00e7-5de4-2cc8eb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e509c69b6e-FRA
GET H2	200	v4.umd.js Show response play.vidyard.com/embed/	191 KB 49 KB	41ms 12ms	Script application/javascript	151.101.129.181 FASTLY
General Check archive.org Show headers Download Go to Full URL https://play.vidyard.com/embed/v4.umd.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.181 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f0832b67882260c646cf771ec5433e25bb0d0d0c98b8998778f329bb7deeec58 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT content-encoding gzip vary X-ThumbnailAB, X-China, accept-language, Accept-Encoding age 1846737 x-cache HIT x-cache-hits 1 content-length 49646 x-served-by cache-hhn4077-HHN x-china 0 last-modified Tue, 11 Jan 2022 16:11:16 GMT etag "124a8e7f40464d4ce77f6e00242c9e0d" strict-transport-security max-age=31557600 content-type application/javascript via 1.1 varnish cache-control no-cache, no-store, must-revalidate accept-ranges bytes expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	styles.5f5e42e70fe054514204.css symantec-enterprise-blogs.security.com/blogs/	182 KB 24 KB	24ms 24ms	Stylesheet text/css	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 026da2d7e8eda5e7e5a2d34026d4e91073478d177a93ac58435814091535b965 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:37:56 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"2d819-17f2e192c20" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e4fd7a9296-FRA
GET H2	200	logo.svg symantec-enterprise-blogs.security.com/blogs/assets/	6 KB 2 KB	46ms 44ms	Image image/svg+xml	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/blogs/assets/logo.svg Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bdd9ade4ab2de5d78f5502a865b4c00f5734fadc300c173c95a8eecafc09c34 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 33514 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:38:20 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"169f-17f2e1989e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e53dec9296-FRA
GET H2	200	Hero_1296072836.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_wide/public/2022-02/	58 KB 59 KB	81ms 80ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_wide/public/2022-02/Hero_1296072836.jpg.webp?h=d0633ac3&itok=qaYDHoKg Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b152ca4e2b0b5ccd496ba8acd69f628f579eef203039aa7729342844206bf22c Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 5628 cf-ray 6e5388e53dee9296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 59762 x-served-by cache-mdw17343-MDW, cache-hhn4073-HHN expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Tue, 01 Mar 2022 11:02:46 GMT server cloudflare traceparent 00-55bf2289205a429591f116f32f4c2735-3bc60ba264d5eda0-00 x-timer S1646149299.648195,VS0,VE2 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id 2024658d-994f-11ec-b9e9-a25457e2e6e6 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 55bf2289205a429591f116f32f4c2735/4307142885730807200;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-a-c8f79d547-l62rj
GET H2	200	author-profile-default.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_avatar_small/public/2017-10/	2 KB 3 KB	82ms 81ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_avatar_small/public/2017-10/author-profile-default.jpg.webp?h=6386ac74&itok=yMcB1DYB Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bea188790d2737ccb95bb0dd69e95196662ba7a2a4fcf799e590a7e0a5376223 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 33338 cf-ray 6e5388e53def9296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 2372 x-served-by cache-mdw17321-MDW, cache-fra19164-FRA expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 28 Feb 2022 23:54:04 GMT server cloudflare traceparent 00-48d756e223d94c8cabcdc3e27a121b4b-2b5d00d6f22e1482-00 x-timer S1646121588.269624,VS0,VE1 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id b53f2e52-98f1-11ec-8e84-ca085943ceb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 48d756e223d94c8cabcdc3e27a121b4b/3124654639651099778;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-qd9pk
GET H2	200	Fig1.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_inline_medium/public/2022-02/	37 KB 37 KB	73ms 72ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_inline_medium/public/2022-02/Fig1.jpg.webp?itok=Zg4-p-Lo Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40506b4739ce8294298b90f1c2b5954753bd390b63c300cae1843645fceda029 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 20915 cf-ray 6e5388e53df29296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 37458 x-served-by cache-mdw17322-MDW, cache-fra19163-FRA expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Tue, 01 Mar 2022 10:10:28 GMT server cloudflare traceparent 00-136ab028b1134d5984cd8b77547ec471-98438c786bd18cfa-00 x-timer S1646134012.722907,VS0,VE1 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id d1bb4cb0-9947-11ec-bfc5-8a587e610aab x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 136ab028b1134d5984cd8b77547ec471/10971767566037519610;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-8szp5
GET H2	200	author-profile-default.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_bio_large/public/2017-10/	12 KB 12 KB	77ms 76ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_author_bio_large/public/2017-10/author-profile-default.jpg.webp?h=6386ac74&itok=0czhl3gL Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bc1f4dcf3134d9d3ff86b2a316339726a712d0c578cb51c212bd3c19e5717ed Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 25827 cf-ray 6e5388e53df59296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 12160 x-served-by cache-mdw17377-MDW, cache-hhn4076-HHN expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 28 Feb 2022 23:40:00 GMT server cloudflare traceparent 00-76f28ac08ba6406f92f697e3ebe4d377-c0f6daff2759edbb-00 x-timer S1646129099.326685,VS0,VE7 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id bea1603e-98ef-11ec-b262-1699029cfdb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 76f28ac08ba6406f92f697e3ebe4d377/13904541688964705723;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-spkqr
GET H2	200	Wiper.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-02/	12 KB 13 KB	80ms 79ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-02/Wiper.jpg.webp?h=ae1dc364&itok=_R3mtNwv Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a4b48cf52cb4e9453803bf406359363252f4fe9d2d1123197053447e5800509 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 42304 cf-ray 6e5388e53df79296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 12496 x-served-by cache-mdw17322-MDW, cache-hhn4050-HHN expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 28 Feb 2022 23:03:56 GMT server cloudflare traceparent 00-2367521b43bf4b2d8554db7dd17db059-b813164b00ca8b96-00 x-timer S1646112622.138357,VS0,VE1 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id b47d4a88-98ea-11ec-b369-4a906dc3d02c x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 2367521b43bf4b2d8554db7dd17db059/13263969838927874966;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-bgf5g
GET H2	200	Antlion_Hero.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-02/	23 KB 23 KB	76ms 75ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-02/Antlion_Hero.jpg.webp?h=eb8cd1ba&itok=V8aRXd1u Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9b99c89e1de07bf8d41bf40a9e9b45a996b91f01f312b1a92053c51f8a79b14 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 30921 cf-ray 6e5388e53dff9296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 23346 x-served-by cache-mdw17362-MDW, cache-fra19149-FRA expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 28 Feb 2022 23:40:00 GMT server cloudflare traceparent 00-bbf3ef637cd6434ea61c70bf704c2397-b6a9f6218eb1bbb2-00 x-timer S1646124005.228578,VS0,VE1 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id be9fb09f-98ef-11ec-b262-1699029cfdb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context bbf3ef637cd6434ea61c70bf704c2397/13162322009955351474;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-spkqr
GET H2	200	1317362609.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-01/	18 KB 19 KB	88ms 87ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-01/1317362609.jpg.webp?h=d0633ac3&itok=Ku3Ey7yf Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d03c06a3361ae3281bea67a810ea62f57b81d5da31ec97c8c16d387577574433 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 68661 cf-ray 6e5388e54e039296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 18794 x-served-by cache-mdw17371-MDW, cache-fra19152-FRA expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Sun, 27 Feb 2022 23:37:59 GMT server cloudflare traceparent 00-7d3e235590344ea3bca55f244d6427c8-1f5f01a86c6b4337-00 x-timer S1646086265.220220,VS0,VE3 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id 4c158208-9826-11ec-bfc5-8a587e610aab x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 7d3e235590344ea3bca55f244d6427c8/2260527360848380727;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-8szp5
GET H2	200	GettyImages-1283443958.jpg.webp symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-01/	23 KB 24 KB	77ms 77ms	Image image/webp	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/sites/default/files/styles/blogs_hero_related_large/public/2022-01/GettyImages-1283443958.jpg.webp?h=9dd951d5&itok=drnFNL2n Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a0618fbdea82d594fa79e0766a27c795050bddce3a7201363f8dd54dd05ddd7 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 25827 cf-ray 6e5388e54e049296-FRA x-cache HIT, HIT x-cache-hits 1, 1 vary Accept-Encoding content-length 23930 x-served-by cache-mdw17323-MDW, cache-fra19161-FRA expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Mon, 28 Feb 2022 23:40:00 GMT server cloudflare traceparent 00-0fc837d2005c4bec9333566d68c34715-471802783e1e55fb-00 x-timer S1646129099.326483,VS0,VE2 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en x-styx-req-id bea14994-98ef-11ec-b262-1699029cfdb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 0fc837d2005c4bec9333566d68c34715/5122847291595445755;o=0 cache-control max-age=300, public, s-maxage=86400 permissions-policy interest-cohort=() x-ua-compatible IE=edge accept-ranges bytes content-type image/webp x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-spkqr
GET H2	200	logo--white.svg symantec-enterprise-blogs.security.com/blogs/assets/	6 KB 2 KB	24ms 23ms	Image image/svg+xml	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://symantec-enterprise-blogs.security.com/blogs/assets/logo--white.svg Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc3d601a30591a4b197d3a0cd419f76aea58728bdc00b27044e6510f3a76a126 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 29773 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:38:20 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"172e-17f2e1989e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e54e059296-FRA
GET H2	200	runtime-es2015.2d1e4b353c3839062425.js Show response symantec-enterprise-blogs.security.com/blogs/	2 KB 1 KB	32ms 32ms	Script application/javascript	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/runtime-es2015.2d1e4b353c3839062425.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd1ee536b136f8c19d80eb207f35c9e462a99075de07e75c0ee1a1644902e1e2 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:37:57 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"8f1-17f2e193008" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e53ddd9296-FRA
GET H2	200	polyfills-es2015.39c6d1a34aa70ba894e8.js Show response symantec-enterprise-blogs.security.com/blogs/	37 KB 13 KB	41ms 39ms	Script application/javascript	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3229feeea82a36081dd9f3c368ff629eaa25f39dc6e5e8848675593a8f0d7100 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:38:14 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"9326-17f2e197270" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e53de59296-FRA
GET H2	200	main-es2015.45b95ccf4a180447528f.js Show response symantec-enterprise-blogs.security.com/blogs/	505 KB 140 KB	26ms 24ms	Script application/javascript	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/main-es2015.45b95ccf4a180447528f.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fada418fa532acebe7763392afed8ff72bda1b88829fa2f404851887368821a0 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:38:13 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"7e313-17f2e196e88" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 vegur cache-control public, max-age=86400 content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' cf-ray 6e5388e53dea9296-FRA
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	78ms 53ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://symantec-enterprise-blogs.security.com/ Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6e5388e56dde9067-FRA
GET H2	200	301196e0-93ad-473e-a572-975514574496.json Show response cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/	4 KB 2 KB	46ms 28ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/301196e0-93ad-473e-a572-975514574496.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b411eae49b03def2f4c3a20d121c26fda2850b9dbcea2eacd3100ba2a4ec3f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 FnJf+fNxvE3beUIrfdES/Q== age 7476 vary Accept-Encoding content-length 1488 x-ms-lease-status unlocked last-modified Wed, 02 Feb 2022 23:33:14 GMT server cloudflare etag 0x8D9E6A461F8C5A2 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 12604737-f01e-0103-0a8f-189db4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e54c789267-FRA expires Tue, 01 Mar 2022 21:15:26 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	172 KB 55 KB	44ms 21ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KF7XWD Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b04b13a5a1a09de685219b2dd6f0736fca8639c3688ac00ec1848f927e329e43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:26 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55427 x-xss-protection 0 last-modified Tue, 01 Mar 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 01 Mar 2022 17:15:26 GMT
GET H2	200	Gotham-Book_Web.7fa96aa06775160ee646.woff2 symantec-enterprise-blogs.security.com/blogs/	41 KB 41 KB	39ms 39ms	Font font/woff2	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/Gotham-Book_Web.7fa96aa06775160ee646.woff2 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' via 1.1 vegur x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT vary Accept-Encoding content-length 41728 x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:37:56 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"a300-17f2e192c20" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type font/woff2 cache-control public, max-age=86400 accept-ranges bytes cf-ray 6e5388e54e139296-FRA
GET H2	200	Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2 symantec-enterprise-blogs.security.com/blogs/	41 KB 41 KB	36ms 36ms	Font font/woff2	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' via 1.1 vegur x-content-type-options nosniff cf-cache-status HIT age 42304 date Tue, 01 Mar 2022 17:15:26 GMT vary Accept-Encoding content-length 41488 x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:37:56 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"a210-17f2e192c20" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type font/woff2 cache-control public, max-age=86400 accept-ranges bytes cf-ray 6e5388e54e179296-FRA
GET H2	200	Gotham-Bold_Web.d23d96aefe768329255e.woff2 symantec-enterprise-blogs.security.com/blogs/	38 KB 38 KB	35ms 34ms	Font font/woff2	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/Gotham-Bold_Web.d23d96aefe768329255e.woff2 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1 Security Headers Name Value Content-Security-Policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/styles.5f5e42e70fe054514204.css Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com privacyportal.onetrust.com script.crazyegg.com sed-cms.broadcom.com staging-symantec-enterprise-blogs.security.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com;img-src 'self' cdn.vidyard.com play.vidyard.com symantec-enterprise-blogs.security.com www.google-analytics.com i.ytimg.com;script-src 'self' cdn.cookielaw.org geolocation.onetrust.com js.driftt.com play.vidyard.com script.crazyegg.com static.cloudflareinsights.com www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com www.youtube.com 'unsafe-inline' 'unsafe-eval';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;frame-ancestors 'self';script-src-attr 'none' via 1.1 vegur x-content-type-options nosniff cf-cache-status HIT age 40182 date Tue, 01 Mar 2022 17:15:26 GMT vary Accept-Encoding content-length 39264 x-xss-protection 0 last-modified Thu, 24 Feb 2022 23:37:56 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"9960-17f2e192c20" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type font/woff2 cache-control public, max-age=86400 accept-ranges bytes cf-ray 6e5388e54e189296-FRA
GET H2	200	kznvvwk7m85s.js Show response js.driftt.com/include/1646155200000/	228 KB 65 KB	195ms 147ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1646155200000/kznvvwk7m85s.js Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 36a812e3009bc06685082e8b416e86c3998ba3a177fa6a325c3d202544f5d72c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-amz-cf-pop AMS54-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:25:14 GMT server nginx etag W/"409d8b51f56bf98e578b0d27c682a924" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id s7mbKXQBeTe7Ti1ObHYPw9olyh3FYJod via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control no-cache access-control-allow-credentials true content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id sBwfpM8oIZDZ7u_MSa_e8f2Q2qhaRCqhvZ76bmOKN5hSdrguIx2cDg==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	182 B 456 B	48ms 25ms	XHR application/json	2606:4700:10::6814:b844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6afee29defad466d4261ffa3473a90050d6202d9270147a8ea95b49dcde213c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://symantec-enterprise-blogs.security.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6e5388e5da5b6945-FRA access-control-allow-headers Content-Type
GET H2	200	blogs Show response symantec-enterprise-blogs.security.com/blogs/api/v1/	2 MB 477 KB	50ms 50ms	XHR application/json	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/api/v1/blogs?aid=IOTVy1 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 333c41bce6cbd004056633955c9e5dc9d721bfb849d2b376c523e0b8836d9771 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-encoding gzip x-pantheon-styx-hostname styx-fe4-a-c8f79d547-bx2wh content-type application/json x-served-by cache-mdw17325-MDW, cache-hhn4055-HHN x-timer S1646154927.124704,VS0,VE1 x-frame-options SAMEORIGIN etag W/"1646154740" vary Accept-Encoding, Cookie content-language en x-styx-req-id c9754b35-9982-11ec-b00d-82f0b347621f x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 89fe14f9a83c4c689309bc732acf4696/18443782956933602123;o=0 cache-control max-age=600, public x-cache-hits 1, 1 date Tue, 01 Mar 2022 17:15:27 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status EXPIRED x-cache HIT, HIT x-drupal-dynamic-cache MISS content-length 487889 x-ua-compatible IE=edge last-modified Tue, 01 Mar 2022 17:12:20 GMT server cloudflare traceparent 00-89fe14f9a83c4c689309bc732acf4696-fff57ae1466e5b4b-00 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains expires Sun, 19 Nov 1978 05:00:00 GMT permissions-policy interest-cohort=() accept-ranges bytes cf-ray 6e5388e648329296-FRA x-drupal-cache HIT
GET H2	200	announcement Show response symantec-enterprise-blogs.security.com/blogs/api/v1/blogs/	44 B 592 B	61ms 61ms	XHR application/json	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/api/v1/blogs/announcement?aid=IOTVy1 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d5de519d6ec314d664a272eb96cbc6b1cd36e995a3de2fe545568dfc099ac6d Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-encoding gzip x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-spkqr content-type application/json x-served-by cache-mdw17378-MDW, cache-hhn4058-HHN x-timer S1646154927.124488,VS0,VE1 x-frame-options SAMEORIGIN etag W/"1646153762" vary Accept-Encoding, Cookie content-language en x-styx-req-id 79dc7e69-9980-11ec-b262-1699029cfdb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context c545a77d5d9243c5b876bff4e36d322c/14407198268302462378;o=0 cache-control max-age=600, public x-cache-hits 1, 1 date Tue, 01 Mar 2022 17:15:27 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status EXPIRED x-cache HIT, HIT x-drupal-dynamic-cache MISS content-length 59 x-ua-compatible IE=edge last-modified Tue, 01 Mar 2022 16:56:02 GMT server cloudflare traceparent 00-c545a77d5d9243c5b876bff4e36d322c-c7f0a67e0eca8daa-00 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains expires Sun, 19 Nov 1978 05:00:00 GMT permissions-policy interest-cohort=() accept-ranges bytes cf-ray 6e5388e648359296-FRA x-drupal-cache MISS
GET H2	200	api.js Show response www.google.com/recaptcha/	913 B 992 B	53ms 30ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit&onload=ng2recaptchaloaded Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/main-es2015.45b95ccf4a180447528f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ce15ac770ae625cb1abbbb64ae6d513f01cc8d16287565868c59f9f0d7c841ee Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 579 x-xss-protection 1; mode=block expires Tue, 01 Mar 2022 17:15:27 GMT
GET H2	200	by-alias Show response symantec-enterprise-blogs.security.com/blogs/api/v1/content-item/	205 KB 50 KB	36ms 36ms	XHR application/json	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/api/v1/content-item/by-alias?aid=IOTVy1&alias=blog/threat-intelligence Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61b2dbdbd915520b00dff9e06ec417e10222870a18b93c0367eb0cc1ae80a696 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-encoding gzip age 78 x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-qd9pk x-served-by cache-mdw17347-MDW, cache-hhn4072-HHN x-timer S1646154849.215177,VS0,VE109 x-frame-options SAMEORIGIN etag W/"1646154076" vary Accept-Encoding, Cookie content-type application/json x-styx-req-id a876a008-9982-11ec-8e84-ca085943ceb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context 0848ca6e4e8041fa9cb8b10734f4b545/403875754272645119;o=0 cache-control max-age=600, public x-cache-hits 1, 0 date Tue, 01 Mar 2022 17:15:27 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT x-cache HIT, MISS x-drupal-dynamic-cache HIT content-length 51020 x-ua-compatible IE=edge last-modified Tue, 01 Mar 2022 17:01:16 GMT server cloudflare traceparent 00-0848ca6e4e8041fa9cb8b10734f4b545-059adadbd2d05fff-00 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en expires Sun, 19 Nov 1978 05:00:00 GMT permissions-policy interest-cohort=() accept-ranges bytes cf-ray 6e5388e678889296-FRA x-drupal-cache HIT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.30.0/	332 KB 79 KB	16ms 15ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a23d89046025811db05e44c327b9d4d02b23874663aacc3c1ca7703f3f455d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 5oE+t+daHCCmdsXYZnY9oQ== age 3556 vary Accept-Encoding content-length 80901 x-ms-lease-status unlocked last-modified Mon, 31 Jan 2022 17:10:47 GMT server cloudflare etag 0x8D9E4DC9FB57A81 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id e0f9010c-f01e-00cb-7fbe-2c4ad6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e68dc79b6e-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	156 KB 58 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7F7J5PJRQ5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF7XWD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 013cc38b3ff02ae715a10d50286fb520a6f6a2c2aca6ff008c441091cde5074f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59090 x-xss-protection 0 expires Tue, 01 Mar 2022 17:15:27 GMT
GET H2	200	2903.js Show response script.crazyegg.com/pages/scripts/0020/	5 KB 2 KB	53ms 16ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0020/2903.js?457265 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c67c84722e461c9e5b377b9668cf2134d574c4d707f21f17751e468b40776da0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip cf-cache-status HIT age 78338 cf-polished origSize=4899 cf-ray 6e5388e6d8ba691f-FRA ce-version 11.1.385 last-modified Mon, 28 Feb 2022 19:29:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-bgj minify
GET H2	200	by-alias Show response symantec-enterprise-blogs.security.com/blogs/api/v1/content-item/	234 KB 52 KB	32ms 32ms	XHR application/json	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/blogs/api/v1/content-item/by-alias?aid=IOTVy1&alias=blog-post/daxin-backdoor-espionage&display-context=221 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a38ff442edcc13485b86d4cb04fa2ed9ca425bb35475c41b06ebb0666e281e2b Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-encoding gzip age 78 x-pantheon-styx-hostname styx-fe4-b-97f8fd4b8-qd9pk x-served-by cache-mdw17366-MDW, cache-fra19170-FRA x-timer S1646154849.446807,VS0,VE1 x-frame-options SAMEORIGIN etag W/"1646153762" vary Accept-Encoding, Cookie content-type application/json x-styx-req-id 79fe48ae-9980-11ec-8e84-ca085943ceb7 x-generator Drupal 9 (https://www.drupal.org) x-cloud-trace-context e114362815bc4e3c8e670ebb0c60912c/17938582914789612848;o=0 cache-control max-age=600, public x-cache-hits 2, 1 date Tue, 01 Mar 2022 17:15:27 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT x-cache HIT, HIT x-drupal-dynamic-cache HIT content-length 52956 x-ua-compatible IE=edge last-modified Tue, 01 Mar 2022 16:56:02 GMT server cloudflare traceparent 00-e114362815bc4e3c8e670ebb0c60912c-f8f2a61e49ed1d30-00 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=300; includeSubDomains content-language en expires Sun, 19 Nov 1978 05:00:00 GMT permissions-policy interest-cohort=() accept-ranges bytes cf-ray 6e5388e6b9129296-FRA x-drupal-cache MISS
GET H2	200	en.json Show response cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/a8f0ba8f-9627-4385-b7af-d3d443ea5fb9/	53 KB 13 KB	17ms 14ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/301196e0-93ad-473e-a572-975514574496/a8f0ba8f-9627-4385-b7af-d3d443ea5fb9/en.json Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c679b2e9ce116935bc4ced412b2850396a3dd0605b22404d9570b47cf1dcdecb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 N5y+s4yNOLnk+JNDI2pYhw== age 3140 vary Accept-Encoding content-length 13454 x-ms-lease-status unlocked last-modified Wed, 02 Feb 2022 23:33:17 GMT server cloudflare etag 0x8D9E6A4640BEE83 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 6110153f-b01e-000b-788f-18c092000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e6cf459267-FRA expires Tue, 01 Mar 2022 21:15:27 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/	357 KB 142 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=ng2recaptchaloaded Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://symantec-enterprise-blogs.security.com/ Origin https://symantec-enterprise-blogs.security.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 16:42:13 GMT content-encoding gzip x-content-type-options nosniff age 1994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 16:42:13 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.30.0/assets/	13 KB 3 KB	22ms 22ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/otFlat.json Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 /USVb/E9EPkODAaClhj0fg== age 7476 vary Accept-Encoding content-length 2960 x-ms-lease-status unlocked last-modified Mon, 31 Jan 2022 17:10:38 GMT server cloudflare etag 0x8D9E4DC9A39385A expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 57e2f365-d01e-001b-3622-23f674000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e70fa59267-FRA
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/	47 KB 12 KB	20ms 20ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/otPcTab.json Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43f204a356ed90654339ca85bc6182287434df45360c816a290411fbe758f44b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 iyaiLmgIFUNyp2Pb7AOoEw== age 7476 vary Accept-Encoding content-length 11907 x-ms-lease-status unlocked last-modified Mon, 31 Jan 2022 17:10:40 GMT server cloudflare etag 0x8D9E4DC9BF10AC8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 8f4ea010-801e-0065-318f-1869bb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e5388e70fa89267-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.30.0/assets/	20 KB 4 KB	22ms 22ms	Fetch text/css	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.30.0/assets/otCommonStyles.css Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ye6OeZcNyuFoWog7CYs00A== age 7476 vary Accept-Encoding x-ms-lease-status unlocked last-modified Mon, 31 Jan 2022 17:10:54 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id aebe6946-101e-016f-2a8f-183667000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 6e5388e70fa99267-FRA
POST H2	204	collect www.google-analytics.com/g/	0 353 B	39ms 15ms	Ping text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7F7J5PJRQ5&gtm=2oe2s0&_p=974844552&sr=1600x1200&ul=en-us&cid=1644060226.1646154927&_s=1&dl=https%3A%2F%2Fsymantec-enterprise-blogs.security.com%2Fblogs%2Fthreat-intelligence%2Fdaxin-backdoor-espionage&dt=Daxin%3A%20Stealthy%20Backdoor%20Designed%20for%20Attacks%20Against%20Hardened%20Networks%20%7C%20Symantec%20Blogs&sid=1646154927&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7F7J5PJRQ5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 17:15:27 GMT server Golfe2 content-type text/plain access-control-allow-origin https://symantec-enterprise-blogs.security.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2903.json Show response script.crazyegg.com/pages/data-scripts/0020/	7 KB 2 KB	36ms 20ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0020/2903.json?t=1 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d26f70f262f03b7f535c2d237f0bc6a28cebdf8fa54acc3b13b50c717243abaf Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip cf-cache-status HIT age 78338 ce-version 11.1.385 content-length 1671 timing-allow-origin * last-modified Mon, 28 Feb 2022 19:29:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 6e5388e76ce85c74-FRA
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 7245	42 KB 22 KB	47ms 29ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1705dab04fef7cd556eafa1aa5af648461a2970d76a8515d4c1766a27ba195f7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9L1kuLCe13fJxc4TRgRLrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 01 Mar 2022 17:15:27 GMT content-security-policy script-src 'report-sample' 'nonce-9L1kuLCe13fJxc4TRgRLrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 22609 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET		truncated /	0 0
GET		truncated /	0 0
GET H2	200	11.1.385.js Show response script.crazyegg.com/pages/versioned/common-scripts/	75 KB 24 KB	17ms 17ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0020/2903.js?457265 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7bd84ecd395344c15bcd1274e5fd10c3749c976ed8cde0e31255c79ee843362 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 09 Feb 2022 00:10:28 GMT server cloudflare age 100916 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes cf-ray 6e5388e7fb19691f-FRA content-length 24714
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 7245	51 KB 24 KB	37ms 8ms	Stylesheet text/css	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 13:56:18 GMT content-encoding gzip x-content-type-options nosniff age 98349 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Feb 2023 13:56:18 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 7245	357 KB 141 KB	35ms 7ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 16:42:13 GMT content-encoding gzip x-content-type-options nosniff age 1994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 16:42:13 GMT
GET H2	200	2903.json Show response script.crazyegg.com/pages/sampling-data-scripts/0020/	46 B 130 B	21ms 21ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/sampling-data-scripts/0020/2903.json?t=457265 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e31982f230cb1365973b5a7da1d2eb163953589423332e5eee5e7342780b907 Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip cf-cache-status HIT age 78338 ce-version 11.1.385 content-length 65 timing-allow-origin * last-modified Mon, 28 Feb 2022 19:29:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 6e5388e82ee05c74-FRA
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF7XWD Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6034 date Tue, 01 Mar 2022 15:34:53 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 01 Mar 2022 17:34:53 GMT
GET DATA	200 OK	truncated / Frame 7245	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 7245	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 7245	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 22 Feb 2022 18:59:48 GMT x-content-type-options nosniff age 598539 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 01 Mar 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7245	15 KB 16 KB	31ms 7ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:06:41 GMT x-content-type-options nosniff age 526 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 01 Mar 2023 17:06:41 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 7245	102 B 134 B	70ms 70ms	Other text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j&co=aHR0cHM6Ly9zeW1hbnRlYy1lbnRlcnByaXNlLWJsb2dzLnNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=4wur8axw5jie User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 01 Mar 2022 17:15:27 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	16ms 15ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=974844552&t=pageview&_s=1&dl=https%3A%2F%2Fsymantec-enterprise-blogs.security.com%2Fblogs%2Fthreat-intelligence%2Fdaxin-backdoor-espionage&dp=%2Fblogs%2Fthreat-intelligence%2Fdaxin-backdoor-espionage&ul=en-us&de=UTF-8&dt=Daxin%3A%20Stealthy%20Backdoor%20Designed%20for%20Attacks%20Against%20Hardened%20Networks%20%7C%20Symantec%20Blogs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=663547072&gjid=1274599079&cid=1644060226.1646154927&tid=UA-61260089-18&_gid=990199934.1646154928&_r=1&gtm=2wg2s0KF7XWD&cd4=&z=157721315 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://symantec-enterprise-blogs.security.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 01 Mar 2022 17:15:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://symantec-enterprise-blogs.security.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	14ms 14ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=974844552&t=pageview&_s=1&dl=https%3A%2F%2Fsymantec-enterprise-blogs.security.com%2Fblogs%2Fthreat-intelligence%2Fdaxin-backdoor-espionage&dp=%2Fblogs%2Fthreat-intelligence%2Fdaxin-backdoor-espionage&ul=en-us&de=UTF-8&dt=Daxin%3A%20Stealthy%20Backdoor%20Designed%20for%20Attacks%20Against%20Hardened%20Networks%20%7C%20Symantec%20Blogs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=663547072&gjid=1274599079&cid=1644060226.1646154927&tid=UA-61260089-1&_gid=990199934.1646154928&_r=1&gtm=2wg2s0KF7XWD&cd4=&z=157721315 Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://symantec-enterprise-blogs.security.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 01 Mar 2022 17:15:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://symantec-enterprise-blogs.security.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	core Show response js.driftt.com/ Frame D03A	2 KB 1 KB	114ms 114ms	Document text/html	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1646155200000/kznvvwk7m85s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Fri, 25 Feb 2022 17:24:59 GMT x-amz-server-side-encryption AES256 x-amz-version-id flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip date Tue, 01 Mar 2022 17:15:27 GMT cache-control no-cache etag W/"dc4df856b101857b6a217ee12e411d23" vary Accept-Encoding x-cache RefreshHit from cloudfront via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 x-amz-cf-id TNWKMUTWhHjEQfCCaHY_WMpSr4kOEf3Xwn3cYvVJPtcpluJm73bLog==
GET H2	200	chat Show response js.driftt.com/core/ Frame E322	2 KB 1 KB	112ms 110ms	Document text/html	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1646155200000/kznvvwk7m85s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Fri, 25 Feb 2022 17:24:59 GMT x-amz-server-side-encryption AES256 x-amz-version-id flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip date Tue, 01 Mar 2022 17:15:27 GMT cache-control no-cache etag W/"dc4df856b101857b6a217ee12e411d23" vary Accept-Encoding x-cache RefreshHit from cloudfront via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 x-amz-cf-id XZxJFVjtCw5bR6EgGVKNPD92ynGjjA22DXvDXR1efrB5rLEBXNnTNQ==
POST H2	200	rum Show response symantec-enterprise-blogs.security.com/cdn-cgi/	0 238 B	15ms 15ms	XHR text/plain	2606:4700:10::ac43:69c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://symantec-enterprise-blogs.security.com/cdn-cgi/rum? Requested by Host: symantec-enterprise-blogs.security.com URL: https://symantec-enterprise-blogs.security.com/blogs/polyfills-es2015.39c6d1a34aa70ba894e8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:69c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 content-type application/json Response headers date Tue, 01 Mar 2022 17:15:27 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://symantec-enterprise-blogs.security.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 6e5388e9aefc9296-FRA vary Origin
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 7A2D	7 KB 1 KB	26ms 26ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash df0224c1b3e0afd9ecdc1173f0fb62f364ce72d700856ee29371fab3e0bfd3c9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oLSOVuAscMZZpfElMicyWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://symantec-enterprise-blogs.security.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 01 Mar 2022 17:15:27 GMT content-security-policy script-src 'report-sample' 'nonce-oLSOVuAscMZZpfElMicyWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1112 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 7A2D	51 KB 24 KB	7ms 7ms	Stylesheet text/css	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 13:56:18 GMT content-encoding gzip x-content-type-options nosniff age 98349 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Feb 2023 13:56:18 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 7A2D	357 KB 141 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lfqk1EUAAAAALmZHlI0mPZOiPIdZ6gu_91-A49j Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 16:42:13 GMT content-encoding gzip x-content-type-options nosniff age 1994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 16:42:13 GMT
GET H2	200	runtime~main.517c53cd.js Show response js.driftt.com/core/assets/js/ Frame E322	6 KB 3 KB	13ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:19 GMT server nginx etag W/"19002c68c29af3a15cd00d2060233d41" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id X4QQ-bT_h8jY_kmyL9rAjS4l8c5PkXT5Us89EPadWTRgsoVKPX_Cow==
GET H2	200	5.b4ccdd57.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	58 KB 20 KB	14ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:18 GMT server nginx etag W/"bf2b7dc96b40587d388df8918a276f1d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id CICdF_SZZXbREQA46sxfcQenQusCov2E2yBr1Y-aKHn8nA3QFBdb0Q==
GET H2	200	main~493df0b3.91d188cd.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	6 KB 3 KB	14ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:19 GMT server nginx etag W/"364091b90499473799e7470f551ae597" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ke06TZEIN0rAVxbQOFjBMWhsn11A64_YbgpWurcNTpegqNzmSNA5Kw==
GET H2	200	runtime~main.517c53cd.js Show response js.driftt.com/core/assets/js/ Frame D03A	6 KB 3 KB	14ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:19 GMT server nginx etag W/"19002c68c29af3a15cd00d2060233d41" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 8biD7Dko-NVRgOLP3drUp9qKjwYLb4pZVMS72mVprPrGlNrny_h1sQ==
GET H2	200	5.b4ccdd57.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	58 KB 20 KB	14ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:18 GMT server nginx etag W/"bf2b7dc96b40587d388df8918a276f1d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id InW9oUswVb0ENi5VC-oM9NUwZaVnm49u2PRxlFQTwWSzOnmpGfXdgg==
GET H2	200	main~493df0b3.91d188cd.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	6 KB 3 KB	15ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:19 GMT server nginx etag W/"364091b90499473799e7470f551ae597" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 7g_MqvfBvoPl-IOhPuf-8VZYt87gq1lfQFAyeRJG8QAIgde5r_Tf7w==
GET H2	200	43.bf52ab96.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	47 KB 14 KB	14ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"4ab965f0d26a973cf1be72a39d537999" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id gMn4eNBL5M1uEF_ZA8rPa1yuTDSA5OR-a8utWroXemWuQjSECRVeUw==
GET H2	200	18.8ef42267.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	44 KB 13 KB	15ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"0c6f51f22b2a4bddd966a92b56c18e29" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Zug6jTznDFRyogFlBOnxjireRPUkSHKT via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id yAlQggW5UXM5CqADDFw138XnvTUD88MothYd-nsQSLtbO9VWTYussQ==
GET H2	200	37.dc112dfd.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	25 KB 8 KB	15ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"391f6f28819c5b154653979d5154c888" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id A01_.TOyslfHN6C7mHM2iYp5F_NuODuW via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ss8-WH9Kl4VCrkOqq58ANg3iCE4DaA_ujEFnmwd0nDPZF8KFtyQvow==
GET H2	200	16.10d76686.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	16 KB 5 KB	16ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.10d76686.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"c16e855d0a26bf91ae3cc32cdbfa3ad6" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id mzB2ul0u_48ftIGEd6phwcoTfextzATL via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id C9vHV1OYL-w-5DqFEwjjPbJENOeNtmIOu5rFvoivz7GKczoJLfzLCA==
GET H2	200	21.8ac5d777.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	72 KB 22 KB	17ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"c39414a669b98ba4a25856ccdc1c1c1b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id j0l5mMzz3WqfzXf79NznGAVo_QSkpv3GdT98dyYfWFhrKDyJsEJCXg==
GET H2	200	34.801d3c89.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	16 KB 6 KB	18ms 17ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"fa218b0849860dbc5ceda153316c9c38" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id OwgP6AbCN1wed-iTg329so_RZxRjkpu8yEZmyprS1bgeefxaIfL2yg==
GET H2	200	23.a53d721f.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	59 KB 19 KB	19ms 19ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 28 Dec 2021 01:13:03 GMT content-encoding gzip age 5500944 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 23 Dec 2021 18:12:25 GMT server nginx etag W/"fe96cb8c4c390342c29d3c8cb0a4ca14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id SpxMbbTVLiRvHuFgivQhBndDHPrRfYj5zTICEQuOShGfvXMycIb2Yw==
GET H2	200	11.8d62d6c4.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	91 KB 28 KB	20ms 19ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"8199a8634768214fc6204b18351f842d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id p_YagIEBvf.Qgp7hIJy74.J4YIszefj5 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id wHRzR5q43LPraSJ2X9X11WQmFWOqHAK6FmVNvoaxcoNjASspo1Ar9Q==
GET H2	200	10.937b0755.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	24 KB 7 KB	22ms 21ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/10.937b0755.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"e9243456e8ca8af97d77d525d5367d6b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id m7FHGla3tZMaGsUQRC0dD9hgXm5B4wqWwHzuPQ2BJq9HXtDGrhLVew==
GET H2	200	14.2a01ddd6.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	62 KB 20 KB	23ms 23ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"6f457384188c98017d8d27281f3df6ad" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id gIm2Mlkn33_zzUDRmHomVEjl6TQ9DtLuuc0POR2iFFTS2nHpx5hiGQ==
GET H2	200	41.ef07ba02.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	105 KB 34 KB	25ms 24ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"da03c1012cb0aaeb2041fa677a272d14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id V3aAogF0wjAuTWeeNGIjifUndmlum9zom4ujTnRcqBU1PTlySF1gnw==
GET H2	200	35.0810b4b3.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	12 KB 4 KB	27ms 26ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"4a61646db5420cc31cb60b9287d9f544" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id vURkbO0-LiEiwwUZ28EsJQMm1nrRgkSqLJCTVLGJOfjwApQ2Ee9GEg==
GET H2	200	26.d9eb886e.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	12 KB 5 KB	27ms 26ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"44c7301d8127e805fcdfcc1b00ddf2ea" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id EjkJtX0HE9ajSK4icA5a46UNajNAQcku via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fV68QOPq4lIEvy1vZtS3-dP2i4GsDC8tbQ629hQ5_M7ApD4KVYPEjw==
GET H2	200	17.6c3c965c.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	17 KB 7 KB	27ms 27ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"b0b166b8ed88c90ea3dc07661d0dcff4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 6LXc1eH4zLZ-W0Y1j4Nj3hxYKlu8lML2Q-U4eiFcbZ7wJXKwSguCBA==
GET H2	200	8.5b0bb1c3.chunk.css js.driftt.com/core/assets/css/ Frame E322	11 KB 3 KB	27ms 27ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag W/"a123c5b36f16fe6d3a3129e24df81443" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id _wlNEHOawmowSdlpT1GApwIIwlk.3B3i via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id PGCRZgI7Jx8M5iugdnoZY4z5MHYCdcVDH9rLgEOq0K_5fVCPbqyzCg==
GET H2	200	8.14761f6a.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	69 KB 22 KB	28ms 28ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:18 GMT server nginx etag W/"d7e7ac040cc38a4014be2dac5911f809" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 4tt5-6MWBEmzXRKSe6MQ05Z7yvrQrCMcX56bOR96-BrLXqz6niDxow==
GET H2	200	15.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame E322	24 B 667 B	29ms 29ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 24 last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag "0c5dad92482d9a7c7c253510f5082465" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id jaWVsMsUNj3gXYRVeP6ZxPoCeDNp5cpGLkUW_fYfcr8CSOds38fkPQ==
GET H2	200	15.7662c098.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	75 KB 19 KB	30ms 30ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.7662c098.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"4cdfcf8a0153b5f113c1c52b9d1561e4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id B_P689676Qm.H7C_2wNidWTRmsrF5U63 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id VIoJoBhqNYYiYOKmvTjRMYg__WDUHqCfuUE_vdHcXhsbpRK6cQSymw==
GET H2	200	22.668b8a5d.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	47 KB 13 KB	31ms 30ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"4aa1ed4965ed229dc887a387dbb0e750" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id yUk0_8kbuiA7uUWbPwvh8O_memww2x-jdTjxLo3y3q_bsMr1LQcCJQ==
GET H2	200	13.c0ad52b2.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	41 KB 13 KB	31ms 31ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"8f231ce9b25513cb1a87fe2de43ea370" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_ via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ESRAvqPyzdwg0N9Bz7YaeuII8nhaQhZzldfVCAWZ4y9UeEQHyBDIGQ==
GET H2	200	43.bf52ab96.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	47 KB 14 KB	17ms 11ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"4ab965f0d26a973cf1be72a39d537999" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id KaOrFOc_It1ZQ97SPD8ckEy1AnHWE7_3oaULkyX_OpnOzstSZSeGTQ==
GET H2	200	18.8ef42267.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	44 KB 13 KB	18ms 10ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"0c6f51f22b2a4bddd966a92b56c18e29" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Zug6jTznDFRyogFlBOnxjireRPUkSHKT via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id vuK0DGsWFmaKoLhq3N0EPzPhswDqEK-7XDthPAQAm8G5WKPyVu7DIQ==
GET H2	200	37.dc112dfd.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	25 KB 8 KB	18ms 10ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"391f6f28819c5b154653979d5154c888" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id A01_.TOyslfHN6C7mHM2iYp5F_NuODuW via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id AsoLkNVbQHzMfF2kmBw4GFf1sYvP9gw5mhRPMvbSAYxsbjhIBpG2ig==
GET H2	200	16.10d76686.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	16 KB 5 KB	19ms 11ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.10d76686.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"c16e855d0a26bf91ae3cc32cdbfa3ad6" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id mzB2ul0u_48ftIGEd6phwcoTfextzATL via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Kwz7IoUIeQQEB1qPEx0ZHI8W3zwqY3poWp5MCSJ_JcbYnwiinnPjcQ==
GET H2	200	21.8ac5d777.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	72 KB 22 KB	19ms 11ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"c39414a669b98ba4a25856ccdc1c1c1b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IYTtPKMtRJ0fb-02_XVdJ0IFjHHRbMc_xd0F7ga4oxxZmMKAatFFBQ==
GET H2	200	34.801d3c89.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	16 KB 6 KB	21ms 12ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"fa218b0849860dbc5ceda153316c9c38" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WDr_vJqdbeYkKlmkVojAPeEunY6iRapV4zpzvHhqMtSGjTqfD9i46A==
GET H2	200	23.a53d721f.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	59 KB 19 KB	20ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 28 Dec 2021 01:13:03 GMT content-encoding gzip age 5500944 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 23 Dec 2021 18:12:25 GMT server nginx etag W/"fe96cb8c4c390342c29d3c8cb0a4ca14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id PJQD68amR7IqOweH-pSLYFfj3YxTqvpMDU3zG7hv9Jgg5e7HwbzARA==
GET H2	200	11.8d62d6c4.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	91 KB 28 KB	21ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"8199a8634768214fc6204b18351f842d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id p_YagIEBvf.Qgp7hIJy74.J4YIszefj5 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id waDUOaZQgVg6S1WaS-vq_60V_RQeFK8XU47QKS41ZTzsSRj0tDZ6Rw==
GET H2	200	10.937b0755.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	24 KB 7 KB	21ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/10.937b0755.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"e9243456e8ca8af97d77d525d5367d6b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id EKqwnoWecMoLnjdaLXZap6DssM2Hn25g80C6ymRU_RQW7WZwz4H_Lg==
GET H2	200	14.2a01ddd6.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	62 KB 20 KB	22ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"6f457384188c98017d8d27281f3df6ad" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fT-9S_JUG5UDP2bSLXr73bnmWBbTFYcs-3LVOp2j2NwBogltGPnnqg==
GET H2	200	41.ef07ba02.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	105 KB 34 KB	22ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"da03c1012cb0aaeb2041fa677a272d14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id NOsD1m-8ONwkBAhuL51WHlvAfuJ-42CyMlcGTeCEQcTJI0DqWKcejg==
GET H2	200	35.0810b4b3.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	12 KB 4 KB	22ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"4a61646db5420cc31cb60b9287d9f544" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id tfXFiV0u5Qy7WuMFcqLT-0Q5M16lBI1gNQrI_nuPe0VvZHIK-4ruAQ==
GET H2	200	26.d9eb886e.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	12 KB 5 KB	23ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"44c7301d8127e805fcdfcc1b00ddf2ea" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id EjkJtX0HE9ajSK4icA5a46UNajNAQcku via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WeYCuriEkLMEAjvhp5k3r1NNihVs-Vn5vZQidCRPfjQ5JuD8-qkepw==
GET H2	200	17.6c3c965c.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	17 KB 7 KB	23ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"b0b166b8ed88c90ea3dc07661d0dcff4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9lpv2Qt7C71QyBAHT0AQScSpaDdm3z-UuzT5ak4woR8kootsj177PA==
GET H2	200	8.5b0bb1c3.chunk.css js.driftt.com/core/assets/css/ Frame D03A	11 KB 3 KB	23ms 16ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT content-encoding gzip age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag W/"a123c5b36f16fe6d3a3129e24df81443" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id _wlNEHOawmowSdlpT1GApwIIwlk.3B3i via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Fy-2om11LVq_nc1TaRCyLm7GDoIj1y158CWH7slWm5jkK-O83_d6Dg==
GET H2	200	8.14761f6a.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	69 KB 22 KB	23ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:18 GMT server nginx etag W/"d7e7ac040cc38a4014be2dac5911f809" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 70YwdOvuCd6HREY71_1nL9hBf8nByoF8jO0vpTNwYp1_FyCHdAQJyw==
GET H2	200	15.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame D03A	24 B 667 B	22ms 16ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:41 GMT via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) age 4843306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 24 last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag "0c5dad92482d9a7c7c253510f5082465" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id TrOjyCGAnPRtCFfiJHMDN4XU6C02wv02F1PV2GJ8fmvTzfbfMqtDEg==
GET H2	200	15.7662c098.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	75 KB 19 KB	23ms 17ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.7662c098.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"4cdfcf8a0153b5f113c1c52b9d1561e4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id B_P689676Qm.H7C_2wNidWTRmsrF5U63 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id DAYa19d6IXkb8BQbiluJCERkaldMC94SfXIL4oygF5yeSyOUZk3xbg==
GET H2	200	22.668b8a5d.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	47 KB 13 KB	24ms 18ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"4aa1ed4965ed229dc887a387dbb0e750" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id k75fGjxtB86E5ZTYL9AQplO29sk5eEPwPtgvh7HGvEWrWTTHM5XwdA==
GET H2	200	13.c0ad52b2.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	41 KB 13 KB	24ms 18ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"8f231ce9b25513cb1a87fe2de43ea370" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_ via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IZxiU-C2IAboOBqaKghs0MdxgeRkWeGWTt9V6y-2RnNanYjphjvr0A==
GET H2	200	32.11d2b6a7.chunk.css js.driftt.com/core/assets/css/ Frame E322	3 KB 1 KB	13ms 13ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag W/"87532c4db85f1429fa6d759bc3332f36" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id u5jls1rsjTMRW03RSXYJxMQTbD86EmFF via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bmznZm0hR6P8glfroxCcWWauy2XXYQHLQhrr5WzHxvK7VaSOFhIB1g==
GET H2	200	32.28be7b35.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	3 KB 2 KB	14ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 20 Jan 2022 20:05:36 GMT content-encoding gzip age 3445791 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 20 Jan 2022 18:53:54 GMT server nginx etag W/"853d736e05b299b857e10b6ab17f3c36" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id kkgavkQ-h-gJtpHKh-0u5BkRgRg6eOhWsuJBxTq_Qo-lfDfLB0ifTQ==
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	9 KB 3 KB	13ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 8FtOkTgoJh_cSI37tXskhPX_pKgUt7R_eyTBiPCwEEVfgp6kSXPgZg==
GET H2	200	24.81d46fe7.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	33 KB 10 KB	14ms 13ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"4f751bc7b45f18c1d343a3081fe2509f" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 4yvJCdoGuxq8hWhGa1WKqGaoZ8A1NhLcA4egjrvjI544c8qvklWOnQ==
GET H2	200	25.49c6961c.chunk.css js.driftt.com/core/assets/css/ Frame D03A	8 KB 2 KB	14ms 14ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag W/"f80cd64e339375567091159cb077b941" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id odS7Ig7Ff8VywRTD2DD_oPTYK1BEZ0z0V04AzyavnvRBlMcviYHldA==
GET H2	200	25.2e3c0d77.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	12 KB 5 KB	15ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.2e3c0d77.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 1a938735cf14d8329a7b1c12b0a4ed99c3d9f43aba11d1fc326cc5a3159250f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345028 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"ae2dc5d2abfa8c0d45e495347a15f6de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id bi1OJyoFIiF9itfH_IKgFqEuho_2zhIU via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id JH3C0SMvypJjFQePrB3Yd0Mw4h0HjYknK1N4X-eqBMwher863SyXxw==
GET H2	200	19.c695453b.chunk.css js.driftt.com/core/assets/css/ Frame D03A	365 B 1008 B	16ms 15ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/19.c695453b.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 365 last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag "06b2963b029c0824382815165bfea73e" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id eDSgTpssczGDn2812OLuvvF.eUpzKWka access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id hNt2n5o9tfvqyY3xTAHKLIMCI_EcWK-qkxbCvU-5VBpg0WLDM8tB2w==
GET H2	200	19.dbf97669.chunk.js Show response js.driftt.com/core/assets/js/ Frame D03A	85 KB 24 KB	16ms 16ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.dbf97669.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=kznvvwk7m85s&region=US&forceShow=false&skipCampaigns=false&sessionId=1ae0e438-9fa9-4d39-b8d2-98476344a163&sessionStarted=1646154927.562&campaignRefreshToken=bd6b99a5-64bd-4a71-9827-ac070fb5bfa4&hideController=false&pageLoadStartTime=1646154926848&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"e5d01e169fc99a46f4cbb5ef34e481c4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 1C7KEcTG69elg1eC9vdIkv1xid1OAtru via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WixdMkaEg5WzAdB7Zr8jOPBTKFfbG8eyjL0Y1CRblzrZpylBMhhaHg==
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	9 KB 3 KB	15ms 14ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:16 GMT server nginx etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0 via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id YaqPAao1IdTfqK0umBYE2Rly4idAXOn09OcvJMvbzP29MSMk73fOxQ==
GET H2	200	2.07aa08a5.chunk.css js.driftt.com/core/assets/css/ Frame E322	7 KB 2 KB	15ms 14ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:15 GMT server nginx etag W/"189aeffd571884559dababa22c66d75a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id JqzK6u43XJfpjyiCzjcSOjTxLXN6Y_4ecRtoR4lVDoUnsBZzJbo-6w==
GET H2	200	2.90bfb041.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	54 KB 16 KB	15ms 15ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:53:42 GMT content-encoding gzip age 4843305 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 04 Jan 2022 15:08:17 GMT server nginx etag W/"dc43e7dd478d83a9091a7335b8beb11d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Yx3XtSSoxVfuUWdmBCOSWc10Jqoe-fgjl5ygz_FIqRfdC-ykuDxbMg==
GET H2	200	1.e250bb71.chunk.css js.driftt.com/core/assets/css/ Frame E322	44 KB 7 KB	17ms 17ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 04 Feb 2022 16:15:00 GMT content-encoding gzip age 2163627 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 04 Feb 2022 14:40:27 GMT server nginx etag W/"2b7f0e5ff08649a2d71db9fdde0609ab" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id dGp4viOrTvlt8wQixqnb5Awg2iMoMW6Z_j9wbxT3KuD_t0deQioLhA==
GET H2	200	1.19a2e22a.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	71 KB 24 KB	17ms 17ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/1.19a2e22a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 8d06b89fce1308b54fc204a2ea41e96ad6a034c075dbf396eea0611b71ffa7a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:15 GMT server nginx etag W/"e1ca1e814dcbca2657c8795cba51dab9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id H3WkY2wyImzg96kEeVoZBSZ5Xs5uT9xg via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id kXCFURW9d8BsYBLyQWU6kR5HLa2j8z7G8XX6mYE79hcZUBGTLA5nqw==
GET H2	200	30.52060f2d.chunk.css js.driftt.com/core/assets/css/ Frame E322	12 KB 3 KB	19ms 18ms	Stylesheet text/css	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 04 Feb 2022 16:15:00 GMT content-encoding gzip age 2163627 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 04 Feb 2022 14:40:27 GMT server nginx etag W/"b63021470083bdc161ef4dda2e4912c3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 1OqYciEBKL_zQenTfiPwQAKOhC0gFN_kGjE8BYFpBbeyCbTvom199g==
GET H2	200	30.06ea9e6f.chunk.js Show response js.driftt.com/core/assets/js/ Frame E322	12 KB 5 KB	19ms 19ms	Script application/javascript	54.240.168.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/30.06ea9e6f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.240.168.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-240-168-22.ams54.r.cloudfront.net Software nginx / Resource Hash 78913609a9836662923c497915aa1e3804160e068c21f01bb21e0a3d6582886e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646154926848 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 17:24:58 GMT content-encoding gzip age 345029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 25 Feb 2022 17:16:16 GMT server nginx etag W/"9ad3e8e9ed7458e666e1cdccbf6fdfed" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id u1oYyEHPReh5D_oj3y6CAtENmhC681Wu via 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop AMS54-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id t6ONfZkN_XYA-e6c6rFfzhoMaeQYdlJo2xVXzdH_7h31Capd9jEK3Q==
POST H2	200	v2 Show response metrics.api.drift.com/monitoring/metrics/widget/init/ Frame D03A	25 B 123 B	112ms 112ms	XHR application/json	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/widget/init/v2 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Authorization Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 01 Mar 2022 17:15:28 GMT server istio-envoy requestid 1452300390fe5480 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 12 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	v2 metrics.api.drift.com/monitoring/metrics/widget/init/ Frame	0 0	313ms 100ms	Preflight text/plain	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/widget/init/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 01 Mar 2022 17:15:28 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid driftc8df66b4c98ad1ed53326562838 content-length 13 x-envoy-upstream-service-time 0 server istio-envoy
POST H2	200	ping Show response bootstrap.api.drift.com/widget_bootstrap/ Frame D03A	126 B 222 B	100ms 100ms	XHR application/json	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash ca177bed08d42297fd751423ac9dee107f3b15006c1c586f28cf3082a5d0d6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 01 Mar 2022 17:15:28 GMT server istio-envoy requestid c0debb0707ada306 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 2 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 126 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	ping bootstrap.api.drift.com/widget_bootstrap/ Frame	0 0	317ms 102ms	Preflight text/plain	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 01 Mar 2022 17:15:28 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid driftd8dd51c4d859302c87b037da148 content-length 13 x-envoy-upstream-service-time 1 server istio-envoy
GET H2	200	kznvvwk7m85s.json Show response embeds.driftcdn.com/embeds/ Frame D03A	49 KB 9 KB	68ms 28ms	XHR application/json	54.192.86.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embeds.driftcdn.com/embeds/kznvvwk7m85s.json Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.86.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-86-115.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash cdba0f0960a07c695e83572863f8e197ab5517edc1fa1b013e136da9ea8d5ff4 Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 17:15:28 GMT content-encoding gzip age 23 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Tue, 01 Mar 2022 16:25:50 GMT server AmazonS3 etag W/"4a89467234c10fa4f4d7c848dc307460" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json; charset=UTF-8 via 1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront) cache-control public, max-age=30 x-amz-cf-pop AMS50-C1 x-amz-cf-id biPAseVUUnziJneypD-cIcCt4OjluY8zAohyQotyl2PeWhHrK-hMPg==
POST H2	200	bulk Show response metrics.api.drift.com/monitoring/metrics/event2/ Frame D03A	25 B 111 B	112ms 112ms	XHR application/json	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Authorization Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 01 Mar 2022 17:15:30 GMT server istio-envoy requestid 9e21416e4f54e26e vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 14 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	bulk metrics.api.drift.com/monitoring/metrics/event2/ Frame	0 0	99ms 98ms	Preflight text/plain	50.16.7.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-7-188.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 01 Mar 2022 17:15:29 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid drift7831ef541c3a44dbb9dc4ce5b1b content-length 13 x-envoy-upstream-service-time 0 server istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

truncated

URL

data:truncated

Domain

truncated

URL

data:truncated