resources.digitalshadows.com Open in urlscan Pro
52.60.165.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
Effective URL:
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-adm...
Submission: On June 07 via api (June 7th 2021, 5:43:14 pm UTC) from US

Summary HTTP 206 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 34 domains to perform 206 HTTP transactions. The main IP is 52.60.165.183, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is resources.digitalshadows.com.
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.

This is the only time resources.digitalshadows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.60.165.183 52.60.165.183	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
28	52.85.170.74 52.85.170.74	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:206... 2600:9000:206f:2600:12:53a8:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.111.216.226 104.111.216.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
74	52.85.170.42 52.85.170.42	16509 (AMAZON-02) (AMAZON-02)
1	52.85.170.35 52.85.170.35	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	52.49.20.76 52.49.20.76	16509 (AMAZON-02) (AMAZON-02)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.21.227.162 52.21.227.162	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 10	63.35.200.21 63.35.200.21	16509 (AMAZON-02) (AMAZON-02)
6	162.13.202.201 162.13.202.201	15395 (RACKSPACE...) (RACKSPACE-LON)
6	52.85.170.17 52.85.170.17	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	3.231.126.55 3.231.126.55	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.157.135.222 35.157.135.222	16509 (AMAZON-02) (AMAZON-02)
4	52.85.120.45 52.85.120.45	16509 (AMAZON-02) (AMAZON-02)
7	52.85.170.49 52.85.170.49	16509 (AMAZON-02) (AMAZON-02)
1	52.85.170.125 52.85.170.125	16509 (AMAZON-02) (AMAZON-02)
11	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.209.100 143.204.209.100	16509 (AMAZON-02) (AMAZON-02)
2	52.0.189.149 52.0.189.149	14618 (AMAZON-AES) (AMAZON-AES)
1	52.85.120.47 52.85.120.47	16509 (AMAZON-02) (AMAZON-02)
206	46

1 104.17.73.206 (United States)

ASN13335 (CLOUDFLARENET, US)

mailer.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.60.165.183 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

resources.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.85.170.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-74.bud50.r.cloudfront.net

content.cdntwrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206f:2600:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cihost.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.216.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-226.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 52.85.170.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-42.bud50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.170.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-35.bud50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.20.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-20-76.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba80 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.227.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-227-162.compute-1.amazonaws.com

flipbot.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 63.35.200.21 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.13.202.201 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

lonrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.85.170.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-17.bud50.r.cloudfront.net

widget.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.126.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-126-55.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.135.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-135-222.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.85.120.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-120-45.bud50.r.cloudfront.net

api-widget.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.85.170.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-49.bud50.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf-hls-media.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.170.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-125.bud50.r.cloudfront.net

wave.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-100.fra53.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.189.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-189-149.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.120.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-120-47.bud50.r.cloudfront.net

l9bjkkhaycw6f8f4.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	driftt.com js.driftt.com	752 KB
28	cdntwrk.com content.cdntwrk.com	2 MB
14	sndcdn.com widget.sndcdn.com i1.sndcdn.com cf-hls-media.sndcdn.com wave.sndcdn.com	577 KB
14	adroll.com 8 redirects s.adroll.com d.adroll.com	39 KB
13	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	5 KB
11	marketo.com lonrtp1-cdn.marketo.com rtp-static.marketo.com lonrtp1.marketo.com	123 KB
10	uberflip.com cihost.uberflip.com flipbot.uberflip.com	181 KB
6	gstatic.com fonts.gstatic.com	91 KB
6	soundcloud.com w.soundcloud.com api-widget.soundcloud.com l9bjkkhaycw6f8f4.soundcloud.com	8 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	google-analytics.com www.google-analytics.com	57 KB
3	ml314.com ml314.com in.ml314.com	14 KB
3	typekit.net use.typekit.net p.typekit.net	17 KB
3	unpkg.com 1 redirects unpkg.com	57 KB
3	digitalshadows.com mailer.digitalshadows.com resources.digitalshadows.com	36 KB
2	3lift.com 1 redirects eb2.3lift.com	741 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	marketo.net munchkin.marketo.net	7 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	35 KB
1	driftcdn.com embeds.driftcdn.com	14 KB
1	taboola.com sync.taboola.com	248 B
1	pubmatic.com simage2.pubmatic.com	395 B
1	outbrain.com sync.outbrain.com	477 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	96 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fontawesome.com use.fontawesome.com	14 KB
206	34

	Domain	Requested by
74	js.driftt.com	resources.digitalshadows.com js.driftt.com
28	content.cdntwrk.com	resources.digitalshadows.com content.cdntwrk.com
9	d.adroll.com	7 redirects resources.digitalshadows.com s.adroll.com
9	cihost.uberflip.com	resources.digitalshadows.com cihost.uberflip.com
6	metrics.api.drift.com	js.driftt.com
6	widget.sndcdn.com	w.soundcloud.com widget.sndcdn.com
6	lonrtp1.marketo.com	lonrtp1-cdn.marketo.com
6	fonts.gstatic.com	fonts.googleapis.com
5	s.adroll.com	1 redirects resources.digitalshadows.com www.googletagmanager.com s.adroll.com
4	targeting.api.drift.com	js.driftt.com
4	i1.sndcdn.com	w.soundcloud.com widget.sndcdn.com resources.digitalshadows.com
4	api-widget.soundcloud.com	widget.sndcdn.com
4	rtp-static.marketo.com	lonrtp1-cdn.marketo.com
4	fonts.googleapis.com	resources.digitalshadows.com cihost.uberflip.com js.driftt.com
3	cf-hls-media.sndcdn.com	widget.sndcdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	unpkg.com	1 redirects resources.digitalshadows.com unpkg.com
2	event.api.drift.com	js.driftt.com
2	eb2.3lift.com	1 redirects resources.digitalshadows.com
2	dsum-sec.casalemedia.com	1 redirects resources.digitalshadows.com
2	px.ads.linkedin.com	2 redirects
2	munchkin.marketo.net	resources.digitalshadows.com munchkin.marketo.net
2	ml314.com	resources.digitalshadows.com ml314.com
2	stackpath.bootstrapcdn.com	resources.digitalshadows.com
2	use.typekit.net	resources.digitalshadows.com use.typekit.net
2	resources.digitalshadows.com	mailer.digitalshadows.com content.cdntwrk.com
1	l9bjkkhaycw6f8f4.soundcloud.com	widget.sndcdn.com
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	wave.sndcdn.com	widget.sndcdn.com
1	sync.taboola.com	resources.digitalshadows.com
1	simage2.pubmatic.com	resources.digitalshadows.com
1	sync.outbrain.com	resources.digitalshadows.com
1	pixel.rubiconproject.com	resources.digitalshadows.com
1	pixel.advertising.com	resources.digitalshadows.com
1	www.google.de	resources.digitalshadows.com
1	www.google.com	resources.digitalshadows.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.ml314.com	ml314.com
1	px4.ads.linkedin.com	resources.digitalshadows.com
1	www.linkedin.com	1 redirects
1	d.adroll.mgr.consensu.org	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	flipbot.uberflip.com	content.cdntwrk.com
1	w.soundcloud.com	resources.digitalshadows.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	resources.digitalshadows.com
1	lonrtp1-cdn.marketo.com	resources.digitalshadows.com
1	cdnjs.cloudflare.com	resources.digitalshadows.com
1	use.fontawesome.com	resources.digitalshadows.com
1	mailer.digitalshadows.com
206	51

This site contains links to these domains. Also see Links.

Domain
www.digitalshadows.com
info.digitalshadows.com
www.portal-digitalshadows.com
www.facebook.com
twitter.com
www.linkedin.com
soundcloud.com
www.techrepublic.com
arstechnica.com
www.vmware.com
www.documentcloud.org
www.youtube.com
www.slideshare.net

Subject Issuer	Validity	Valid
mailer.digitalshadows.com Cloudflare Inc ECC CA-3	`2021-04-27` - `2022-04-26`	a year	crt.sh
san1987.cdntwrk.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
content.cdntwrk.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-17`	a year	crt.sh
*.uberflip.com Amazon	`2020-08-04` - `2021-09-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
flipbot.uberflip.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Frame ID: B8E3DBEA094498AF6BBEBA63063CFD22
Requests: 96 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Frame ID: 3A44297DE9B1260B6788C9204EDA1C41
Requests: 21 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
Frame ID: 69B7C003FC2208613549E8C02667B882
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: 6115AA95A806D82C68CB1CECB8A5FB5F
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTdu... Page URL
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploi... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

206
Requests

100 %
HTTPS

38 %
IPv6

34
Domains

51
Subdomains

46
IPs

7
Countries

3851 kB
Transfer

9293 kB
Size

13
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://www.digitalshadows.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/searchlight/
Title: Product (current)

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/brand-protection/
Title: Brand Protection

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/dark-web-monitoring/
Title: Dark Web Monitoring

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/data-leakage-detection/
Title: Data Leakage Detection

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/threat-intelligence/
Title: Threat Intelligence

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/technical-leakage-detection/
Title: Technical Leakage Detection

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/attack-surface-monitoring/
Title: Attack Surface Monitoring

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/blog-and-research/
Title: Blog

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DigitalRiskProtection-Practitioner-Navigation.html?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Title: Practical Guide to Digital Risk

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/contact-us/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.portal-digitalshadows.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DemoRequest-Website-Button.html?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-HB.html?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Title: Try it Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Weekly%3A%20Nobelium%20Attacks%2C%20VMWare%20Exploits%2C%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware&via=digitalshadows
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware&title=Weekly%3A%20Nobelium%20Attacks%2C%20VMWare%20Exploits%2C%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&summary=ShadowTalk%20hosts%20Sean%2C%20Alec%2C%20Charles%2C%20and%20Digital%20Shadows%20CISO%2C%20Rick%20Holland%2C%20bring%20you%20the%20latest%20in%20threat%20intelligence.
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Weekly:%20Nobelium%20Attacks,%20VMWare%20Exploits,%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&url=https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware&title=Weekly:%20Nobelium%20Attacks,%20VMWare%20Exploits,%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&summary=ShadowTalk%20hosts%20Sean,%20Alec,%20Charles,%20and%20Digital%20Shadows%20CISO,%20Rick%20Holland,%20bring%20you%20the%20latest%20in%20threat%20intelligence.
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://soundcloud.com/digitalshadows
Title: ShadowTalk Threat Intelligence Podcast

Search URL Search Domain Scan URL

URL: https://soundcloud.com/digitalshadows/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administrations-letter-on-ransomware
Title: Weekly: Nobelium Attacks, VMWare Exploits, and the Biden Administration’s Letter on Ransomware

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/solarwinds-hackers-resurface-to-attack-government-agencies-and-think-tanks/
Title: https://www.techrepublic.com/article/solarwinds-hackers-resurface-to-attack-government-agencies-and-think-tanks/

Search URL Search Domain Scan URL

URL: https://arstechnica.com/gadgets/2021/05/vulnerability-in-vmware-product-has-severity-rating-of-9-8-out-of-10/
Title: https://arstechnica.com/gadgets/2021/05/vulnerability-in-vmware-product-has-severity-rating-of-9-8-out-of-10/

Search URL Search Domain Scan URL

URL: https://www.vmware.com/security/advisories/VMSA-2021-0010.html
Title: https://www.vmware.com/security/advisories/VMSA-2021-0010.html

Search URL Search Domain Scan URL

URL: https://www.documentcloud.org/documents/20796934-memo-what-we-urge-you-to-do-to-protect-against-the-threat-of-ransomware
Title: https://www.documentcloud.org/documents/20796934-memo-what-we-urge-you-to-do-to-protect-against-the-threat-of-ransomware

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/blog-and-research/cyber-attacks-the-challenge-of-attribution-and-response/
Title: https://www.digitalshadows.com/blog-and-research/cyber-attacks-the-challenge-of-attribution-and-response/

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/blog-and-research/the-top-three-cybercrime-takeaways-from-the-2021-verizon-dbir/
Title: https://www.digitalshadows.com/blog-and-research/the-top-three-cybercrime-takeaways-from-the-2021-verizon-dbir/

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/blog-and-research/ransomware-and-the-legal-services-sector/
Title: https://www.digitalshadows.com/blog-and-research/ransomware-and-the-legal-services-sector/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fresources.digitalshadows.com%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Check%20out%20what%27s%20happening%20on%20Digital%20Shadows%27s%20Digital%20Risk%20and%20Threat%20Intelligence%20Hub&url=https%3A%2F%2Fresources.digitalshadows.com%2F&via=digitalshadows
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fresources.digitalshadows.com%2F&title=Digital%20Shadows%27&summary=Check%20out%20what%27s%20happening%20on%20Digital%20Shadows%27s%20Digital%20Risk%20and%20Threat%20Intelligence%20Hub
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/privacy-policy/
Title: Private Policy

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/about-us/teams/
Title: Management Team

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/about-us/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/about-us/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/about-us/news-and-press/
Title: Press

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.facebook.com/digitalshadows/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/digitalshadows
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/digital-shadows/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqgjXfx8uDkDZgmKHmqZQvw
Title:

Search URL Search Domain Scan URL

URL: https://www.slideshare.net/digitalshadows
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Page URL
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1 HTTP 302
https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2

Request Chain 58

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 61

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2 HTTP 302
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1623087779721%26url%3Dhttps%253A%252F%252Fresources.digitalshadows.com%252Fthreat-intelligence-podcast-shadowtalk%252Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%253Fmkt_tok%253DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true&e_ipv6=AQLgDfIUnI_AIgAAAXnnkhJPVOgoBBnM_RLhR7CPTjkLAARaM5Rz16tJN8C07JDPIhC0XZDJ

Request Chain 88

https://d.adroll.com/cm/aol/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 89

https://d.adroll.com/cm/index/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1

Request Chain 90

https://d.adroll.com/cm/n/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365

Request Chain 91

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

Request Chain 92

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 93

https://d.adroll.com/cm/taboola/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

Request Chain 94

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

206 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Show response
mailer.digitalshadows.com/ 607 B
1 KB 275ms
97ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf18a645a261091d5de4d21f52a2f4c355e90aa8195847df24c6e2421918e23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: mailer.digitalshadows.com
:scheme: https
:path: /NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:57 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-cnection: close
x-content-type-options: nosniff
vary: Accept-Encoding
set-cookie: BIGipServerPOOL-162.13.131.123-go2.wire.com-80=!k4oP56998MolMYdbO1+Oh92Pa3vcjzHOYxc9kqF6e9mEAZQ0J4+jWVo3Saw7Cj7RX/eiFGfckuuCatQ=; path=/; Httponly; Secure __cf_bm=cd801ef863161a0e9bbefb4443f1bdf3a3eab048-1623087777-1800-AcM2ycjhsJEZR1r4EMXIEcC37nqtzU1SgdirLvkwFC5ZekJgzpqjmZlu7sDnIn9Jn8C5fu4UmXzYsHvF+18vG/w=; path=/; expires=Mon, 07-Jun-21 18:12:57 GMT; domain=.mailer.digitalshadows.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a892b202a0000d895f4360000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65bbae137a40d895-CPH
content-encoding: gzip

GET
H2 200 Primary Request weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware Show response
resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/ 206 KB
35 KB 1016ms
690ms Document
text/html 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Requested by

Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

536914b449bd803aa669ee434350b85f2939daa64d9bcf5c54127b7dded730bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: resources.digitalshadows.com
:scheme: https
:path: /threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mailer.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mailer.digitalshadows.com/

Response headers

content-encoding: gzip
content-language: en-US
content-type: text/html; charset=UTF-8
date: Mon, 07 Jun 2021 17:42:58 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
set-cookie: _MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; path=/; secure; HttpOnly pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D; expires=Tue, 07-Jun-2022 17:42:58 GMT; Max-Age=31536000; path=/; secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 35018

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 17:42:59 GMT
server: ESF
date: Mon, 07 Jun 2021 17:42:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Jun 2021 17:42:59 GMT

GET
H2 200 hubs.a76c7d5ffeac5df5acba.css
content.cdntwrk.com/css/hubs/ 262 KB
44 KB 213ms
73ms Stylesheet
text/css 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93325ddc7a79a67b0c0fae14552e11e5b318b864dd235fe532011f71b05e0bb1

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:32:46 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 20:11:14 GMT
server: AmazonS3
age: 497414
etag: W/"994505c15a0b59682dde64c9bb01e7ed"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: jGtRJ4pEEjCJa36vkVBrjSuh_SlIjZB8AmzOZbb_TbcH-hrOpfMzOQ==
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)

GET
H2 200 style.css
cihost.uberflip.com/digitalshadows/master/build/ 473 KB
56 KB 38ms
8ms Stylesheet
text/css 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:56:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 21:12:20 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570733735/ctime:1570733736/gid:20/gname:staff/md5:f2ebaa768a782bff84a4f90e5d33a408/mode:33188/mtime:1570733736/uid:502/uname:modip
age: 13602
etag: W/"f2ebaa768a782bff84a4f90e5d33a408"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OCCi-7uZVNO8THN_MB_JS3DLIpxJYV6LnlNRNMbtNSx8b0wYi-a8Lg==

GET
H2 200 ionicons.min.css
unpkg.com/ionicons@4.5.10-0/dist/css/ 44 KB
7 KB 40ms
23ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6635419
vary: Accept-Encoding
cf-request-id: 0a892b24ca000006290a9a8000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 1ec7dbed2f8c685fad9c5e56a9d8fb72
cache-control: public, max-age=31536000
cf-ray: 65bbae1adb600629-FRA

GET
H2 200 grp0jzg.css
use.typekit.net/ 2 KB
863 B 19ms
6ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/grp0jzg.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

64ee239b6faaad3cb754ec0c952a0c60c493c39e25116f6d352bc23c6fc522f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 07 Jun 2021 17:42:59 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 631

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 142ms
47ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ 3 KB
3 KB 68ms
63ms Image
image/gif 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=64ea6287d559
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:07:21 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:11:17 GMT
server: AmazonS3
age: 581230
etag: "5217392f882b27d35ec2e72946f2df7e"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 2707
x-amz-cf-id: uRqeQ2vGxxbqwOUcaow5kfKmE1HqzRYYLMWE-gbQ17uud5x12x6ing==

GET
H2 200 chevron-down-64x64.png
content.cdntwrk.com/img/hubs/ 760 B
1 KB 68ms
63ms Image
image/png 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 15:53:24 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:11:17 GMT
server: AmazonS3
age: 579261
etag: "26818bdf0706c780af4a52b44ea17fdc"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 760
x-amz-cf-id: FXNw3lQ0Wdm1KgJk2As7c0anziZwMkrknYRg7xWExlExdAIVpHTznw==

GET
H2 200 aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4
content.cdntwrk.com/files/ 17 KB
17 KB 68ms
63ms Image
image/png 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 99adc45d565dba2a61e0a68299ad0561bfe2a4abc4ed59bed31f02f516896dc8

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 15:48:06 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sat, 01 Jun 2019 00:22:53 GMT
age: 4413293
etag: "1559348573-7eec03779d987dde260b4a5d48bcfc47"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="secondary_logo.png"
x-amz-cf-pop: BUD50-C1
content-length: 17384
x-amz-cf-id: EG1JqxVqbuug-kOrS8Zt7Hdbu5x0rd7f-mPcYMkXfSrmhahLNislFg==

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 17:41:14 GMT
server: ESF
date: Mon, 07 Jun 2021 17:42:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Jun 2021 17:42:59 GMT

GET
H2 200 aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D
content.cdntwrk.com/files/ 458 KB
459 KB 112ms
107ms Image
image/png 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: d2d3262ff49a9af1fc37a9cc575c05654b26c25eb4b3db459a6a6c20904c8604

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 00:20:22 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jun 2021 15:26:53 GMT
age: 148957
etag: "1622820413-25b836f0db2a6b6131d6aed1b8e8eaf2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_60ba463c4b35b.png"
x-amz-cf-pop: BUD50-C1
content-length: 469410
x-amz-cf-id: xFpvQ8Cclg1ne8qVOBG-M4ASD26S57j8QLNzJOq5f86_E1roFLqlMw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 35 KB
36 KB 118ms
113ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%25253D&size=1&version=1622754086&sig=649fdb735afdee155f5381021b0819c6&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 81a4d8d5ead2162ef4d3ff1628ae1bb645dfb91b1d9792db6b3815d1078cce61

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 07:54:01 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jun 2021 07:53:51 GMT
age: 294538
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 35876
x-amz-cf-id: 5U_8wtwZD6apjpMK-W5DUXh94cBzJMZTg93scy5Dwq2kEDnH1DEWZQ==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 47 KB
48 KB 114ms
109ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%25253D&size=1&version=1622218568&sig=4ebb0a1f40686c7002897dcb2e508018&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: c6bb53f0930f886bd09e31ace88d76fdbd656c3dd74c124031d61a73637f0ba3

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 13:25:10 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 30 May 2021 13:25:00 GMT
age: 706669
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 48188
x-amz-cf-id: tEkRbGNc1AMIltv7_S-pzYwb_eGsBQwxnjypH4zQDRFfcqCPIVpAdQ==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 36 KB
37 KB 124ms
118ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%25253D&size=1&version=1622038881&sig=a0af0dbdba695158e456a5c9bc99095b&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 208a9227a271f478d6fd8bcf698c7e78a5582e7a8b5698b6a8e503b426be531e

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 05:57:53 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Thu, 27 May 2021 05:57:43 GMT
age: 992706
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 37022
x-amz-cf-id: VMdu6rjtyBEHm8h3B-Z8NhpH9TpsrEmlbZ69yBL3PtlNiHfeR4LWDg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 41 KB
41 KB 127ms
122ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%25253D&size=1&version=1621942643&sig=a6c2ba388c466cdfc85f7da8369c3abe&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 2f5130bdca506ef5a667e15c9dcfb5e4d53ef0475f7a9934fc91a322b49b7fad

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:37:25 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 11:37:15 GMT
age: 1145134
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 41964
x-amz-cf-id: NdihJYhaqvbI-uLWiBLSL-PhdmLLgKz0QTw1XOSYCsgtZnBcISW6Fw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 50 KB
51 KB 140ms
135ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%25253D&size=1&version=1621009164&sig=55fc95b6aeba8460046061f2d2e216c3&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: e68a75095286baabfe05d0fa77fbe4ad87daf8ab426e22f29d4c2bf414d64699

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:41:44 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 16:41:34 GMT
age: 2077275
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 51611
x-amz-cf-id: 1N4d5iTZ8RZ_Js8DOLeRR69hYE-2sfdCY2yEBB54hyjg36PZOng3Vw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 33 KB
34 KB 138ms
133ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%25253D&size=1&version=1621003853&sig=1f5ae61248641a8334d2c19824177636&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 12189c142e590f81abebf435bd3d8ce972def2493580ebe35af83b4c652a5e88

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 13:25:10 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 30 May 2021 13:25:00 GMT
age: 706669
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 34137
x-amz-cf-id: YbstBF_rGc89FsH8yDrfLz7tOCfnQxgZCq7Vf9kmoH-S765yLKs2Uw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 46 KB
47 KB 169ms
164ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%25253D&size=1&version=1620402539&sig=ab9e1d15d08ab901de5af9e604c14538&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 391e82d13406c4bf676f02185f737fbbb4fd35b6f52db1c57670518076023477

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:32:51 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:32:41 GMT
age: 2671808
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 47264
x-amz-cf-id: gM8MNGvv5G8ICKkZXXTDI7OOh_682xtsjA--ac7QEEnR5qk-T8xUYg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 31 KB
31 KB 147ms
142ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%25253D&size=1&version=1620332037&sig=0a21f5fc1133aaa6c9d3447a36f0ac26&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: b976ac86fa196f6e836aaee2d36ad059fc8d93600cb7b511f8d3840cb27d3958

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 13:25:10 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 30 May 2021 13:25:00 GMT
age: 706669
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 31356
x-amz-cf-id: fuVl_yhd4lv0FeOtVtqx1FzZLjo9JvngAQmB36dn2R0rfv_cFmaX9w==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 46 KB
46 KB 144ms
140ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%25253D&size=1&version=1619796126&sig=0d21c93385550182c119335a612c8544&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: bf5ad942f0146bb1f5c69e096fe80715448c3f857dc9317f0b7d7caabb31568b

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:24:45 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 15:24:35 GMT
age: 3291494
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 46767
x-amz-cf-id: N7nvZX11FNn3BgNN8iZEegs2Q51z49aXiAhHV2idPnZoJn2ska9dxw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 38 KB
38 KB 171ms
167ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%25253D&size=1&version=1619192376&sig=1d58a07bcd5d2d1873a8843cdd110b92&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: f073fc94623e5b384f0983aa10914f5d4cd5fd4fe08518f2948bea9e8a8410ad

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:03:04 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Mon, 10 May 2021 07:02:55 GMT
age: 2457594
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 38590
x-amz-cf-id: szjFAgO_lZ0uJ0K8HG8XIceAUdHNXm5IgbAfbC7963w4ytDnP2Nnng==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 43 KB
43 KB 162ms
158ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%25253D&size=1&version=1618598853&sig=559eb65e39a589898eb7abd6e3300866&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:03:05 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Mon, 10 May 2021 07:02:55 GMT
age: 2457594
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 44005
x-amz-cf-id: 062LNz_LMPxrinWBarJCiF0Hlu1dNL4YOAz18z92VZGbTJ5ei0XcEw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 41 KB
42 KB 148ms
144ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%25253D&size=1&version=1617986867&sig=c379a5530f8b422d2438a9838fcf6198&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 26afc3a3183b7730ecad405371a9141e19cc9d027323ac6d4e6d8173d67e5f52

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:03:05 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Mon, 10 May 2021 07:02:55 GMT
age: 2457594
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 42396
x-amz-cf-id: 7s8dXWAxoeKcIIpcSNlvr42rGWl_ltvolScxMxWTf5YBO-b7nMfhHg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 37 KB
37 KB 172ms
168ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%25253D&size=1&version=1617376820&sig=12357177f65ef9bb55750050a8f53c67&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: b322a728ade366021f79f97550eb78da570ec8ee20199c9d9cd11750cee8a441

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 19:51:28 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 23 May 2021 19:51:18 GMT
age: 1288291
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 37723
x-amz-cf-id: ZnD5QcY8yVa0NQIqEo_TehIn3YA1ybfOYdCjr9mlqbES9gI4l4s8aA==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 29 KB
29 KB 164ms
160ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%25253D&size=1&version=1617121119&sig=d0c1b923c0c629a383046e189aefb394&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 34789f98cc72efc62fcc72db2ff546d844e4fd6513ccb64eaf99a8152d9e6df3

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 19:51:29 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 23 May 2021 19:51:19 GMT
age: 1288290
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 29574
x-amz-cf-id: VMBRTRD8KtjAH-VhkMnWfM0Stq8tMEpjPr0Yoy0hgDxiTqiZPh_rxg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 45 KB
46 KB 148ms
145ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%25253D&size=1&version=1616776463&sig=73e2283dace5af772a7a2622a2c90eba&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 9e8963fa542cea4c67f077b8c96dca2845075152898cdd46ebe3accbcdf8f970

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 17:18:41 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 26 Mar 2021 17:18:31 GMT
age: 6308658
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 46200
x-amz-cf-id: 7UBPXB_yg5J-2ZYqPQZrJepGJvKJxjBAkRiNV3-GNMu_5Tut4Ri2pQ==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 33 KB
34 KB 155ms
151ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%25253D&size=1&version=1616530391&sig=7a25efee2663aebece5f3bf68b78f426&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 0747ff54c97be21f6b5976fbb1a8ae6e537dc7a6f6fbaa97e6cfe52bb11940a7

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 13:25:10 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 30 May 2021 13:25:00 GMT
age: 706669
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 34051
x-amz-cf-id: etkZGSecr9KKLq-Lsg6-vrYR6wWUCxqyMI-6-ffMzikGT5cOpWOkng==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 43 KB
43 KB 170ms
166ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%25253D&size=1&version=1616171546&sig=fd393772c9f78f2a105d5fed5eb68404&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: 933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:09:31 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jun 2021 08:09:21 GMT
age: 293608
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 44005
x-amz-cf-id: uvVsSoupRfEU3ST1MxlyeVcu5N8xnCuSDWocIPGSsYgM6vS_6YKZ1w==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 48 KB
49 KB 158ms
155ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%25253D&size=1&version=1615575294&sig=f9a75ab766a03ab7015dffa10693a118&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: f6147758447fff42053a630195696a0409d6fbb5bff518664461a672338a4551

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 10:04:23 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 10:04:14 GMT
age: 3483515
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 49158
x-amz-cf-id: 3BXZE-2T1j2dwPEZtRH4i7EqebbyylXGm5DKRzS1at3Us5J-1xnIWw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 48 KB
48 KB 165ms
161ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%25253D&size=1&version=1614962704&sig=1a62a84e91274456b5bddb8c673afa76&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: a48bf122377ae956625be4a87785f8a6471190724d2eafb24a08fe5497c54006

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 19:51:29 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Sun, 23 May 2021 19:51:19 GMT
age: 1288290
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 48944
x-amz-cf-id: tEMlkVC9A1KQzEiRzAQO6GS2Dc0NVs_caeJSzBzvXh3i8oLK-O3Vwg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 45 KB
46 KB 148ms
145ms Image
image/jpeg 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%25253D&size=1&version=1614361238&sig=222fcef4b5e51450258d294a88f7b9f8&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: /
Resource Hash: fc2d5ac3e4d6a84b97ac5858c03e2456a436e44256eac539c78665921509ba15

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:09:31 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jun 2021 08:09:21 GMT
age: 293608
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%253D.jpg"
x-amz-cf-pop: BUD50-C1
content-length: 46572
x-amz-cf-id: UmtHaLCqFchufmgoBjfY9SddybqBm5xwPC2o47vEbmmmU16WJ8Lybg==

GET
H2 200 hubs_app.a76c7d5ffeac5df5acba.js Show response
content.cdntwrk.com/js/hubs/ 1 MB
311 KB 79ms
78ms Script
application/javascript 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 01:00:18 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 20:11:21 GMT
server: AmazonS3
age: 578562
etag: W/"08b152ceba8b03c4b1808105b942a78f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: xKwh5xojIocpN_KtW_KgFbtSkEgva_C5YoPqLv3Pbt4zeZ52uWRkSg==
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)

GET
H2 200 onbrand.bundle.js Show response
cihost.uberflip.com/digitalshadows/master/build/ 323 KB
100 KB 10ms
10ms Script
application/javascript 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ff3eb81405e14ba4c2f89a57c4adfaac486f0b2b0e9754fd68d2ccbd82e8c09

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 15:17:31 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 13:04:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1617282260/ctime:1617282260/gid:121/gname:docker/md5:b328763220d97af53c77409a848c9e00/mode:33188/mtime:1617282260/uid:1001/uname:runner
age: 8729
etag: W/"b328763220d97af53c77409a848c9e00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ywK4vsDFxQZi97Yqb_bH5JzVTWnZEBIP6mMg3_H_DF4kZ4V5vfiaBw==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
20 KB 26ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3929013
cdn-cachedat: 2021-04-23 08:09:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a892b25cf0000d725ee933000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 90533a7bac91cb591326933897315934
cf-ray: 65bbae1c7b35d725-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 32ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6640279
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6646
cf-request-id: 0a892b25dd00004e2046a14000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gQ9so8UfOb%2FueD2OdSs59NALX36EMd%2B4e5eCeQs36f0goqMyzlTWzOhjRweL2A88m2xUY76DHn%2FiVJ825LSTlvBBRME1E%2FIyPiFF5hLMEQK%2FK1DTKfEOPjeUb0NG9DMy4hHaA1wM7hRPn14Mkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65bbae1c9f364e20-FRA
expires: Sat, 28 May 2022 17:42:59 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 23ms
17ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617, 617
age: 1019376
cdn-cachedat: 2021-05-27 00:26:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a892b25d00000d725dea23000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0b815e375b1e139070e50b52f7caac5b
cf-ray: 65bbae1c8b3bd725-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ 151 KB
42 KB 234ms
139ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-226.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

7ffc641fd546db861d9fe2264fe5422f3cd3d7be32dd7aa8fe7e1d2d18d64505

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Fri, 14 May 2021 02:48:44 GMT
Server: Jetty(7.3.1.v20110307)
Date: Mon, 07 Jun 2021 17:42:59 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=220
Connection: keep-alive
Content-Length: 42413

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
49 KB 59ms
56ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c52956c4501510ba5ad2ac1b11f8ae403324a9d91bd70b664ff6c1726633ad8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49809
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 17:04:56 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Jun 2021 17:42:59 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 18ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=3933308&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 8z7ynkcdvg2s.js Show response
js.driftt.com/include/1623087900000/ 214 KB
61 KB 334ms
202ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1623087900000/8z7ynkcdvg2s.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e6c99ce8b235805f81979007460813bc645d6ad3f423ddac1dd8fbe5a7b12fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 18:28:58 GMT
server: nginx
etag: W/"b41ab560720be12cb1ac449f6e643a71"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KdQldqP0PQ7.ScpjaF8jbnhyM4W2_od0
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7PJXqaH0lgFpRSbJM5kzJqqlzIPTqzBN7P0wl-GzzPZMluLD60qlcQ==

GET
H/1.1 200
OK / Show response
w.soundcloud.com/player/ Frame 3A44 1 KB
1 KB 294ms
163ms Document
text/html 52.85.170.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-35.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

3f39269498936de2ed04dce9d3f22ea7098a3ea8c040e1189a1d153c1a2d34da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: w.soundcloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Via: sssr, 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
Cache-Control: public, max-age=300
Date: Mon, 07 Jun 2021 17:42:59 GMT
strict-transport-security: max-age=63072000
Server: am/2
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: BUD50-C1
X-Amz-Cf-Id: VmiJvYauiesod7JLfA2L_PZakLcFCEv45wEJvQvHvGxdWrY45XbndA==

GET
H2 200 sprite-1x.png
content.cdntwrk.com/img/hubs/ 59 KB
60 KB 91ms
91ms Image
image/png 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/sprite-1x.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594

Request headers

Referer: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:35:18 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:11:17 GMT
server: AmazonS3
age: 579261
etag: "9e7227669aa01cd19bcc27e802668929"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 60511
x-amz-cf-id: FsqAa77HxOJCNeWopFoq5b0I8W0HfFqDAha0mXgGKQMB9KRb8onzBQ==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 551365
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 499992
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:49:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 04:57:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 564352
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Wed, 01 Jun 2022 04:57:07 GMT

GET
H2 200 uparrow.png
content.cdntwrk.com/img/hubs/ 194 B
566 B 61ms
61ms Image
image/png 52.85.170.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/uparrow.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-74.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2

Request headers

Referer: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:13:51 GMT
via: 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:11:17 GMT
server: AmazonS3
age: 509348
etag: "e5bbd7205c8f2ff1cd6c9f777f31da64"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 194
x-amz-cf-id: b_1iaj1i3jxTDvUs1QLFsrQqjl4KU52xUjflCUQEhYPWhwqmLYqOoA==

GET
H2 200 ajax_ping Show response
resources.digitalshadows.com/hubsFront/ 49 B
114 B 167ms
166ms XHR
application/json 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D
:path: /hubsFront/ajax_ping
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: resources.digitalshadows.com
referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
referrer-policy: unsafe-url
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
x-xss-protection: 1; mode=block
content-type: application/json
content-length: 49
x-content-type-options: nosniff

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 258ms
71ms Script
application/javascript 52.49.20.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?75
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-20-76.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 16:29:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=82019
Connection: keep-alive
Content-Length: 12574
Expires: Tue, 08 Jun 2021 16:29:58 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 149ms
51ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/ 44 KB
15 KB 12ms
12ms Script
text/javascript 2a02:26f0:6c00::210:ba80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f8527016d1ead6331a015e1fbf4e932d60b992eb004ad0a85fae18a232ba802

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6sTciCGu6vFJmfL04tharXtf_AqyD_.h
Content-Encoding: gzip
ETag: "52b9fd6baab3612de808ee5bd541a144"
x-amz-request-id: 0C3HRD05D2D45B8N
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 14288
x-amz-id-2: +5Y4Ga7rYY+DWetrh2+2NQM0OagjRWwIXaOCZBEMRmg1gUvmzruil5GgJXrz7N1nImR9mtcX9RQ=
Last-Modified: Mon, 07 Jun 2021 14:05:46 GMT
Server: AmazonS3
Date: Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 logo.svg
cihost.uberflip.com/digitalshadows/master/assets/images/ 3 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/digitalshadows/master/assets/images/logo.svg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:57:06 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 21:12:09 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570735108/ctime:1570733733/gid:20/gname:staff/md5:583031fb4ffc6aa9208f1e5e135e34ee/mode:33188/mtime:1570733733/uid:502/uname:modip
age: 13553
etag: W/"583031fb4ffc6aa9208f1e5e135e34ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rE0SJ-m2wOJm5bf3tABA-_Q3crvlsDIhYo-yecNNKQGI9E2GcflcDg==

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 17ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16456

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 551387
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:12 GMT

GET
H2

200

ionicons.woff2
unpkg.com/ionicons@4.5.10-0/dist/fonts/
Redirect Chain

https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1
https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2

49 KB
50 KB

30ms
30ms

Font
font/woff2

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5505334
vary: Accept-Encoding
content-length: 50556
cf-request-id: 0a892b27460000c2f977164000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: "c57c-YMnhCnCYFRSL9KmzM6OWaSc5zVw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 5cb61f2a2810c2ac2d5fe64fb1f7be70
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65bbae1eddc4c2f9-FRA

Redirect headers

date: Mon, 07 Jun 2021 17:42:59 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01F7KR16GC54V3KQF1HFFAC4TH
server: cloudflare
age: 1137
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /ionicons@4.5.10-0/dist/fonts/ionicons.woff2
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 65bbae1e0c13c2f9-FRA
access-control-allow-origin: *
cf-request-id: 0a892b26c50000c2f941abc000000001

GET
H2 403 DINOffc-Light.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 403ms
386ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: k1wux-f-LlDr9ZqsrHJKYDeBvtpzdb8PGiwXk53gsWbIOvuvqI9x1Q==

GET
H/1.1 200
OK flipbot-v2.min.js Show response
flipbot.uberflip.com/js/ 23 KB
23 KB 382ms
123ms Script
application/javascript 52.21.227.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1623087779386
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-227-162.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 373fafb398efb8e80d1e722c7c1aab823c1525490eb4b7c476bd0f99c6457b2f

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Via: 1.1 vegur
Last-Modified: Mon, 03 May 2021 18:23:51 GMT
Server: Apache
Etag: "5be9-5c17110361bc0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23529

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

9ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:ba80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 6J6WV6RWN730WHRP
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified: Thu, 20 May 2021 19:48:38 GMT
Server: AmazonS3
Date: Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1896
date: Mon, 07 Jun 2021 17:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 07 Jun 2021 19:11:23 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=23358
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2

200

/ Show response
d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2

395 B
863 B

67ms
62ms

Script
application/javascript

63.35.200.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5c287b410ca59b2bf9e41efa7c18be3af7ce90be8387db018aeccd371bb7efb4

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 17:42:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2
date: Mon, 07 Jun 2021 17:42:59 GMT
server: nginx/1.18.0
content-length: 105

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 184ms
86ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 145ms
48ms Stylesheet
text/css 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 170ms
58ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=digitalshadows&ref=https%3A%2F%2Fmailer.digitalshadows.com%2F&trwv.uid=digitalshadows-1623087779673-cc6f8f38&trwv.vc=1&trwsa.sid=digitalshadows-1623087779675-b3df1154&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&pm=&viewedTypes=&rts=1623087779679

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 175ms
60ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=digitalshadows&ref=https%3A%2F%2Fmailer.digitalshadows.com%2F&trwv.uid=digitalshadows-1623087779673-cc6f8f38&trwv.vc=1&trwsa.sid=digitalshadows-1623087779675-b3df1154&trwsb.cpv=2&ctzo=+02:00&uri=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&pm=&viewedTypes=&rts=1623087779682

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.3.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 155ms
49ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.3.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed98dedbe15b339c752900e4cbbac66b8bd5f9c6bf230e3456303c994fef5010

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 14:19:10 GMT
Server: AkamaiNetStorage
ETag: "bdd061e1b74ec74e1aef27cc2519203a:1617200349.471241"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5533

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 43 KB
14 KB 7ms
6ms Script
text/javascript 2a02:26f0:6c00::210:ba80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bdbd13a9da4238bc080d842dc7a9ec35b489331b7d62efb221190e1e2e7207c

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RVXD6y5am6YixIs20gc16A7S2LiJxdei
Content-Encoding: gzip
ETag: "e7e1157bceb87dc38d309f98df7a67f9"
x-amz-request-id: MZ32NXSB60KG21X7
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 13670
x-amz-id-2: 0dolC8tVzZ+EUXwNdKgzBqn22lBOFTUzjbbjLZU7W29r5KFgrwObTlLUgal7kdfmt02JuAfQPWM=
Last-Modified: Wed, 02 Jun 2021 22:36:05 GMT
Server: AmazonS3
Date: Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
6 KB 59ms
58ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Wed, 15 Sep 2021 17:42:59 GMT

GET
H2 200 widget-7-cda7b11cc43e.js Show response
widget.sndcdn.com/ Frame 3A44 8 KB
3 KB 220ms
61ms Script
application/javascript 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-7-cda7b11cc43e.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9413f1dd7c49e8c6b9bfea23bf5d80083db23141dab1e97ceb10baa29639105c

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:55:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 13639
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"60732313eba8b68f43e0f37f4684e27c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: dWfYOgFoMGSxiAGII7gqlD1T1z7ugGqB
via: 1.1 a3c3236fb9c392e8c5978c750d2f8309.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: nYVyPS_6c7IFY2-DWcHBx0pyz5vGxwsXjqjjoBhrPtuGVitXjaL-4A==

GET
H2 200 widget-8-50bd51910b02.js Show response
widget.sndcdn.com/ Frame 3A44 2 KB
2 KB 220ms
61ms Script
application/javascript 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-50bd51910b02.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb63f20e251eb8f374ba3e774c2efa713eab3483d6b30e086fb317f67e1b695c

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:55:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 13653
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"91aca44bce1508c2f5d6c007ce331b76"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: fPY2eF_6EAaeZKtEL5IFnEr8t_1aea.e
via: 1.1 a3c3236fb9c392e8c5978c750d2f8309.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ga8x6NN649cvhk4huuQOAv3I1rXpVRJI-KnnN1DE_BEX7r-59FqP9w==

GET
H2 200 widget-9-3d4d9a0f9c5b.js Show response
widget.sndcdn.com/ Frame 3A44 1 MB
306 KB 220ms
62ms Script
application/javascript 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c6aa1a86a8d54a45831bd8208f03c928dc15f9de1fa5301b50cf75e10fcf7fe

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:55:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 13653
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"b884412af38d2a18d2a9e90b989a1575"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0CHPhvmBXxZaxN9Q6C4UNaJg2lNVC0LM
via: 1.1 a3c3236fb9c392e8c5978c750d2f8309.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: V0ysGGRNjJiK4-hw01ymVg0N3JzyHHqaG2MUY1qahtEYnPdZ_U0V3A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmwar...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1623087779721%26url%3Dhttps%253A%252F%252Fresources.digitalshado...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmwar...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmwa...

0
155 B

397ms
163ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true&e_ipv6=AQLgDfIUnI_AIgAAAXnnkhJPVOgoBBnM_RLhR7CPTjkLAARaM5Rz16tJN8C07JDPIhC0XZDJ
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: emqdtbxdhhZgSTe9hisAAA==

Redirect headers

date: Mon, 07 Jun 2021 17:43:00 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true&e_ipv6=AQLgDfIUnI_AIgAAAXnnkhJPVOgoBBnM_RLhR7CPTjkLAARaM5Rz16tJN8C07JDPIhC0XZDJ
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: ImLynrxdhhZAAWQO1SoAAA==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 100 KB
38 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-M7472C6&t=gtm4&cid=1891057759.1623087780

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0c88bbd0c85d47d323bcd4bb8cb5009d0871281a560b9329afec9a0c4a88162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38964
x-xss-protection: 0
expires: Mon, 07 Jun 2021 17:42:59 GMT

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 179ms
60ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1623087779675-b3df1154&aid=digitalshadows&viewedTypes=&0.5393659644802264&rts=1623087779742

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 177ms
59ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1623087779675-b3df1154&aid=digitalshadows&viewedTypes=&0.7497780341461946&rts=1623087779744

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 66ms
65ms Script
application/javascript 52.49.20.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=52079&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&pv=1623087779745_mwb7u5s77&bl=en-us&cb=5453310&return=&ht=&d=&dc=&si=1623087779745_mwb7u5s77&cid=production%7C%7C68709%7C%7C1351664%7C%7C658024139&s=1600x1200&rp=https%3A%2F%2Fmailer.digitalshadows.com%2F
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-20-76.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 590ms
213ms Script
application/javascript 3.231.126.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=752021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-55.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Tue, 08 Jun 2021 17:43:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=453760467&t=pageview&_s=1&dl=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&dr=https%3A%2F%2Fmailer.digitalshadows.com%2F&ul=en-us&de=UTF-8&dt=Weekly%3A%20Nobelium%20Attacks%2C%20VMWare%20Exploits%2C%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2135656609&gjid=1927540928&cid=1891057759.1623087780&tid=UA-24205771-1&_gid=47542810.1623087780&_r=1&gtm=2wg621PG934MV&cd4=Weekly%3A%20Nobelium%20Attacks%2C%20VMWare%20Exploits%2C%20and%20the%20Biden%20Administration%E2%80%99s%20Letter%20on%20Ransomware&z=1993153399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 17:42:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.digitalshadows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-24205771-1&cid=1891057759.1623087780&jid=2135656609&gjid=1927540928&_gid=47542810.1623087780&_u=aGDAAEACQAAAAC~&z=2087200483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Jun 2021 17:42:59 GMT
content-type: text/plain
access-control-allow-origin: https://resources.digitalshadows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
28ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-24205771-1&cid=1891057759.1623087780&jid=2135656609&_u=aGDAAEACQAAAAC~&z=1916963065

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 17:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-24205771-1&cid=1891057759.1623087780&jid=2135656609&_u=aGDAAEACQAAAAC~&z=1916963065

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 17:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 180ms
61ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1623087779675-b3df1154&aid=digitalshadows&viewedTypes=&0.17480816719290893&rts=1623087779854

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 196ms
58ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1623087779675-b3df1154&aid=digitalshadows&viewedTypes=&0.3828352290514865&rts=1623087779863

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 100ms
99ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 403 DINOffc-Light.woff
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 387ms
387ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:59 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: lWbgnOEKQU-3zr-BLlhU-sNZZxE3VKdfhqdUH8Bv-mM4VFVpFULJPg==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 6ms
6ms Script
text/javascript 2a02:26f0:6c00::210:ba80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ToEVEDgpBrI1Sgbt2QVX7Kvt9m0TMGjG
Content-Encoding: gzip
ETag: "5c44da3d0ddeac28ae4c1facdfbfa217"
x-amz-request-id: S7WXWCM5GMNSTSV4
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2719
x-amz-id-2: WoAojih6vKf3PjBxDHWLv3N94ecACIDafRgp43WC693+wenel05fBrQSidrDiT4IZoQQ6a8yqvA=
Last-Modified: Mon, 07 Jun 2021 14:02:39 GMT
Server: AmazonS3
Date: Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 VD4NA2LPTRDHFCOWWLH536 Show response
d.adroll.com/segment/M2GUWUTBBJFFRJ7RPYG7FT/ 42 B
935 B 87ms
86ms XHR
image/gif 63.35.200.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&pv=74060466514.0034&cookie=&adroll_s_ref=https%3A//mailer.digitalshadows.com/&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
date: Mon, 07 Jun 2021 17:42:59 GMT
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
x-segment-display-name: Resources Center - LP
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.18.0
x-rule: *resources.digitalshadows.com*
x-segment-eid: DTU3QQ67CZHH7PXZJ5SXHH
content-type: image/gif
access-control-allow-origin: https://resources.digitalshadows.com
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-segment-name: fa667bdf
access-control-allow-headers: *
x-conversion-currency

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobeliu...
https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

148ms
51ms

Image
text/plain

18.197.47.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 07 Jun 2021 17:42:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobel...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1

43 B
1 KB

76ms
76ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jun 2021 17:43:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Jun 2021 17:43:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jun 2021 17:43:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 07 Jun 2021 17:43:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365

0
239 B

47ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365
pragma: no-cache
date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-no...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

0
477 B

474ms
119ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Cache-Control: no-cache
X-TraceId: 99fbd1e932b7da57af0d46d50fea91bf
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
pragma: no-cache
date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-no...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
395 B

55ms
53ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:471
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nob...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

0
248 B

147ms
52ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Mon, 07 Jun 2021 17:43:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14057

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
pragma: no-cache
date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-...
https://eb2.3lift.com/xuid?mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

48ms
48ms

Image
image/gif

35.157.135.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.135.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-135-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 07 Jun 2021 17:43:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame 3A44 4 KB
4 KB 185ms
62ms Image
image/png 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 00:22:23 GMT
via: 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
age: 1617638
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Wed, 19 May 2021 08:47:59 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: buA2nZksBAmYvqipoCFNHNiVEqROnCDV
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: G35hqXt86FcKN32jWDd1RjmaGc8S2g-6l7XmSCsIjmfeHN1WGEqbYw==

GET
H/1.1 200
OK 858013-605958-972248-64612 Show response
api-widget.soundcloud.com/assignments/ Frame 3A44 511 B
1 KB 244ms
117ms XHR
application/json 52.85.120.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/858013-605958-972248-64612?layers=widget_listening&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.120.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-120-45.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: BUD50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 131
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 cc83cc27259d9c51b700240a5e4b94bd.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: W_bUTULj7UKtLvDpeIl5jjgKTWEofpWfn7J9YSvyBb5kESpYcm9Dkg==

GET
H2 403 DINOffc-Light.ttf
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 383ms
382ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.ttf
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: q2wRoGfGmanQvY4aTY8k-VErBMxntZCAER9mbqz1ww0oLT5_lLQnow==

GET
H2 200 widget-0-d7ceca0f9828.js Show response
widget.sndcdn.com/ Frame 3A44 204 KB
57 KB 74ms
74ms Script
application/javascript 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-50bd51910b02.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69137757604031457dde4adedff28199a2dc9af2939807858a7979f2b6e691a7

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:55:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 13653
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"9b6cbe7cac32313ed6dbc0536d462b6b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0sfhbRQ6qqDnU.gTBRf80eHlfNLpJIg3
via: 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: NwkldZ0k3vCOkJl1GyWaz62ekXLEKUomOq07n9PBzptRxea4vQINyg==

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame 3A44 6 KB
3 KB 143ms
142ms XHR
application/json 52.85.120.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//api.soundcloud.com/tracks/1062002668&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.120.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-120-45.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

486458a8400014a5f5008a7c19ab1d232a7b973addbca0f537db2897147acaf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: BUD50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 2248
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 cc83cc27259d9c51b700240a5e4b94bd.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: pjUobxBeZar93ayjtuHWhGBIJ4Im4zFgcJHjKDPjPsUTEGhJCJ1f5A==

GET
H2 200 artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
i1.sndcdn.com/ Frame 3A44 30 KB
30 KB 304ms
170ms Image
image/jpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-49.bud50.r.cloudfront.net
Software: /
Resource Hash: 142559e2f626d248d31cc7d786414f8e83bd184d052347da6c0fd49ebd759158

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 15:40:18 GMT
via: 1.1 eb9781eaf534229bf5ad50a1b819581b.cloudfront.net (CloudFront)
age: 266562
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 30415
x-amz-cf-id: SWa-sjcbg0W921IQO0TVt7sTRIjVcVyVb9Sl3WeGB3zR2jAfjKLWEw==

GET
H2 200 share-b41e1876.svg
widget.sndcdn.com/assets/images/ Frame 3A44 1 KB
1 KB 63ms
63ms Image
image/svg+xml 52.85.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/share-b41e1876.svg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-17.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 00:36:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1616793
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 19 May 2021 08:47:59 GMT
server: AmazonS3
etag: W/"9423d7e2eeb4c8673077486ceea2e516"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: iOyUm3lA2FWV_TaWXSg6rr24sf0yzvYx
via: 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: BUD50-C1
content-type: image/svg+xml
x-amz-cf-id: 5dwvOXMr-i_9SRNZb95SbM-z38OdWmq0OLZKB6z1KHmf00zjdzgINQ==

GET
DATA 200
OK truncated
/ Frame 3A44 43 KB
43 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Origin: https://w.soundcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
i1.sndcdn.com/ Frame 3A44 30 KB
30 KB 199ms
76ms Image
image/jpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-49.bud50.r.cloudfront.net
Software: /
Resource Hash: 142559e2f626d248d31cc7d786414f8e83bd184d052347da6c0fd49ebd759158

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 15:40:18 GMT
via: 1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc95.cloudfront.net (CloudFront)
age: 266562
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 30415
x-amz-cf-id: SHm3ECzFon0sqnQknwGoajC2eRf0WPNyILZt4v0PH19wP3IVmkpjmQ==

GET
H/1.1 200
OK hls Show response
api-widget.soundcloud.com/media/soundcloud:tracks:1062002668/a226fc03-9488-4f4b-b22a-c3d74f89c5e6/stream/ Frame 3A44 697 B
1 KB 181ms
181ms XHR
application/json 52.85.120.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/media/soundcloud:tracks:1062002668/a226fc03-9488-4f4b-b22a-c3d74f89c5e6/stream/hls?client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.120.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-120-45.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

ed0b56bbc8fed9cb2d0fcad537cf222e41a16d1e42342c48db5fe4e39d5f6e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:00 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: BUD50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 586
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 cc83cc27259d9c51b700240a5e4b94bd.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: 9dlKwAYuqrdnwqxDCfqbI4FX9-uCuZhVebNaj2GtriVd25IXJ_0PRw==

GET
H2 200 artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
i1.sndcdn.com/ Frame 3A44 30 KB
30 KB 239ms
170ms Image
image/jpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-49.bud50.r.cloudfront.net
Software: /
Resource Hash: 142559e2f626d248d31cc7d786414f8e83bd184d052347da6c0fd49ebd759158

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 15:40:18 GMT
via: 1.1 eb9781eaf534229bf5ad50a1b819581b.cloudfront.net (CloudFront)
age: 266562
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 30415
x-amz-cf-id: TiOODWQlBc_VDpmWVSR4lcfu9DHW4GOJqU-59CvE_4_9iw1_ROUf1g==

GET
H2 403 DINOffc-Bold.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 109ms
109ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: UrfAEjlb2vE7UeFFd33NE2czinkwrUqMDUvbjurh0T9WxSttp3Lrmw==

GET
H2 200 artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
i1.sndcdn.com/ Frame 3A44 30 KB
30 KB 95ms
76ms Image
image/jpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-F864fQAj7sQa4TwJ-32pfJg-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-49.bud50.r.cloudfront.net
Software: /
Resource Hash: 142559e2f626d248d31cc7d786414f8e83bd184d052347da6c0fd49ebd759158

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 15:40:18 GMT
via: 1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc95.cloudfront.net (CloudFront)
age: 266562
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 30415
x-amz-cf-id: UA9iruqVWAjX83yrUAsuPXVeJVttt1idXaceSLmiwLnNOC1x1yL3Zw==

GET
H2 403 DINOffc-Bold.woff
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 380ms
380ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.woff
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:00 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: FoyR1sX7kjPK39SkErGusV74BvjO6muWJ6a0cpF94TUNoDMJAHfdsg==

GET
H2 200 playlist.m3u8 Show response
cf-hls-media.sndcdn.com/playlist/tEucNltrUV6L.128.mp3/ Frame 3A44 99 KB
3 KB 187ms
179ms XHR
audio/mpegurl 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/playlist/tEucNltrUV6L.128.mp3/playlist.m3u8?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL3BsYXlsaXN0L3RFdWNObHRyVVY2TC4xMjgubXAzL3BsYXlsaXN0Lm0zdTgiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE2MjMwODkzMzl9fX1dfQ__&Signature=It-6jbns0vMIqhXauW9qFDDo2aPxqK3bDNoQllCFYBYxNCzWSNahi0sjP5VJ9JZWDM4QLlb5Jsk7D7SpuFyzzKyecHmbOvKteBlc7IzciB-RwGVYiRiFhekZ4rv3FcJVHtrGqUxhV02CwNaz2ADeIUShcn8fTv03kbmVyesyrvMhnvbdV~z21DhdCkOs0tLKhzw1t7yLpNd~Wt2bjozCdbNSGCaVb2IzcMB5E5E0uVMqkwxb8h28ml44S01Wdadk7vSwebBSezC3W3sqtrxqm-qea9aLZbIkxigTMOiuypR17SjW3QsXZG~98natA3hxoy5TyaGtmCAqD9DvVCRajA__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-49.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

ec2176467366d4587d38c7d6ed4e0911386bd2bff33eee8969ad5070d9379818

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
allow: GET, OPTIONS
x-sc-cache: Hit
server: am/2
etag: ffeb694d823cfd37ac2def4ef0c7ea450b38034d
strict-transport-security: max-age=63072000
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpegurl
via: 1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc95.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
x-amz-cf-id: Fvj84ZaRrYNwuEp_qnFeuiNL7UOwiPNZpoWoZwFztSvTl-Jms7H4GQ==

GET
H2 200 tEucNltrUV6L_m.json Show response
wave.sndcdn.com/ Frame 3A44 6 KB
2 KB 237ms
107ms XHR
application/json 52.85.170.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.sndcdn.com/tEucNltrUV6L_m.json
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.170.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-170-125.bud50.r.cloudfront.net
Software: /
Resource Hash: 8f29ab3fa72b2125f781f53fa896f72712cb8868d4d4f4b0cc8aa1179b92014e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 07:23:13 GMT
content-encoding: gzip
age: 37188
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=155520000
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 1981
via: 1.1 a2a926ace399371954fc9fbb55fd02ab.cloudfront.net (CloudFront)
x-amz-cf-id: QoiXyAIo8fWFqYyqrvRq6m-qTj3aH5p07ds8e2ncCO5ikygh6waE1w==

GET
H/1.1 200
OK comments Show response
api-widget.soundcloud.com/tracks/1062002668/ Frame 3A44 51 B
972 B 126ms
125ms XHR
application/json 52.85.120.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/tracks/1062002668/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.120.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-120-45.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

ae1663cbcdbdca7f194a1bb69d2176228b1562f3a88a7be212c3c3a474e0cafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 17:43:01 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: BUD50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 73
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 cc83cc27259d9c51b700240a5e4b94bd.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: ccnXvyBpFBQTByFJT7wyB0YKU9Y2IRbRZCpQrJh-W3TRlJAZFYkWVw==

GET
H2 200 tEucNltrUV6L.128.mp3 Show response
cf-hls-media.sndcdn.com/media/0/31762/ Frame 3A44 31 KB
31 KB 118ms
118ms Fetch
audio/mpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/media/0/31762/tEucNltrUV6L.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLyovKi90RXVjTmx0clVWNkwuMTI4Lm1wMyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTYyMzA4OTMzOX19fV19&Signature=cfeuepkc-kuMi30ZLWOmtD7yk0zHLJ8xoKaUPMdgzayOEmc8p8jY2mV4FGPTa83SlJoNN5P14sXrlQ9JPWFvuhw6MNpSxqd--N6xXfBys23LNcZo~Bmr7b6pOT0R6r~ZWYybUjbeXaymslXRkNfIY0zw0049clrWkcZAE9F~sgsJAAPX34I46LLBjHATZiSX6ZS-rZy7WqvnvZqr~BkcmhDkmwRh5N-yWfcI5Thh08sonn-N1MrXGs6ilfIunJMlolcL9FOTN65eWWM4X8rABeUvNrkCK6G4ToWwRbliagAwDFMaD-fhl1IWnbytOFJfg5wqNIujfE3MyUOjXw6hkA__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-49.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

dd97eb92918ff69c3402bbcee55d4e3edf57992b4a902089bd49bfaab2fa9a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:53:44 GMT
via: 1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc95.cloudfront.net (CloudFront)
server: am/2
age: 13757
accept-ranges: bytes
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
strict-transport-security: max-age=63072000
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length: 31763
x-amz-cf-id: 2jwJTWplGYrqrPcWUQaHLUyh29lWvN0rv13IbnDYFKENRxNJgjswnw==

GET
H2 403 DINOffc-Bold.ttf
cihost.uberflip.com/digitalshadows/master/build/fonts/ 0
0 110ms
109ms Font
application/xml 2600:9000:206f:2600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.ttf
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:43:01 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-cf-id: b8gCGbdutJo9Q-ecOgusfVJtoU90C6iIUrQSqe2LP9GzRt2pfwbw4Q==

GET
H2 200 tEucNltrUV6L.128.mp3 Show response
cf-hls-media.sndcdn.com/media/31763/79410/ Frame 3A44 47 KB
47 KB 109ms
109ms Fetch
audio/mpeg 52.85.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/media/31763/79410/tEucNltrUV6L.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLyovKi90RXVjTmx0clVWNkwuMTI4Lm1wMyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTYyMzA4OTMzOX19fV19&Signature=cfeuepkc-kuMi30ZLWOmtD7yk0zHLJ8xoKaUPMdgzayOEmc8p8jY2mV4FGPTa83SlJoNN5P14sXrlQ9JPWFvuhw6MNpSxqd--N6xXfBys23LNcZo~Bmr7b6pOT0R6r~ZWYybUjbeXaymslXRkNfIY0zw0049clrWkcZAE9F~sgsJAAPX34I46LLBjHATZiSX6ZS-rZy7WqvnvZqr~BkcmhDkmwRh5N-yWfcI5Thh08sonn-N1MrXGs6ilfIunJMlolcL9FOTN65eWWM4X8rABeUvNrkCK6G4ToWwRbliagAwDFMaD-fhl1IWnbytOFJfg5wqNIujfE3MyUOjXw6hkA__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-49.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

c923277b358affc41fcf4d0eaad4118834098809663c1f64c9fae020b6bf66f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:53:45 GMT
via: 1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc95.cloudfront.net (CloudFront)
server: am/2
age: 13756
accept-ranges: bytes
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: BUD50-C1
strict-transport-security: max-age=63072000
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length: 47648
x-amz-cf-id: 3cQPn5yFzADPmg4vldV7nCT5Gse0EAIgFla1bm-D95IBPwlhNV_dOw==

GET
H2 200 core Show response
js.driftt.com/ Frame 69B7 4 KB
1 KB 186ms
186ms Document
text/html 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1623087900000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e198523c1c9689d4134c06007828e13a63c3c2d410b1f7a016e3f7628d6712ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Jun 2021 18:28:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: hgZlwv2bM8eii.v0gG7eu.FSh7JrLE1o
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Jun 2021 17:43:01 GMT
cache-control: no-cache
etag: W/"4fffeb4ff7dcb3cea0ef0368644c2be1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: 9QylPUbUmA2uCtoCVcgS-cALEpWT5o_mkr_NL5Gsvb378vFnM-1OQQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 6115 4 KB
1 KB 183ms
183ms Document
text/html 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1623087900000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e198523c1c9689d4134c06007828e13a63c3c2d410b1f7a016e3f7628d6712ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Jun 2021 18:28:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: hgZlwv2bM8eii.v0gG7eu.FSh7JrLE1o
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Jun 2021 17:43:01 GMT
cache-control: no-cache
etag: W/"4fffeb4ff7dcb3cea0ef0368644c2be1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: l1YyijxQcxdHCVBhlEl4lnXxtqPB9fbsbP6tLeK2yb6mTDoi_4wSeg==

GET
H2 200 runtime~main.5a33875b.js Show response
js.driftt.com/core/assets/js/ Frame 6115 5 KB
3 KB 64ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

10c72098868883e139be1b482e781274bcde1caac60f31efd53e9e3089d8f873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"a6bfb575b7cb3cabfd3a134a9ffffd77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cA3qwkUjGD18w1r5DqcWZnbptsWqP5x7
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xl5egPZkqrZUY_OYL3CJe5t1gMh6ti91k9niv9zqiLmmHF-OenTRHg==

GET
H2 200 42.1d3e72f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 40 KB
12 KB 74ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"6bafacd7106b1f1a919e0d9db9ac2d45"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PsraKE5Rqpn1WCq0VTYjZOvkR1qNgwsQ
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0xNQXF5TJbC1V37LCOSTNRLdwbMWtWPQnOpOHSyl4U6E3S4wnzOiOw==

GET
H2 200 25.3ad21d5f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 42 KB
12 KB 74ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3ad21d5f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"505015ae57a46f8d45f6393ec7549ede"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Mo_zy1ksUoC1wF0C0Kb2Mfkbb80QKle1
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4mIMMbts_X6HBAGCzKa2ZoBydOrJQYjnIHklb7218HgFFYsUCs6ESQ==

GET
H2 200 40.f7d72950.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 23 KB
7 KB 74ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.f7d72950.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"8d32077d11bf130936ad9f6b2796c9e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IztndX_FtIwJA1wjdnknjusFhKQvrAWn
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gy08XBBKmqXHUcKmnqCBAdstO6Cs70LMFZad_pW43bVvVse5AWYqnA==

GET
H2 200 22.9acf1962.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 16 KB
5 KB 91ms
89ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.9acf1962.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"8270d313e55bc5cda4436c12c7c8efca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BDxh3Fo2DoBJW9cBWFp5.5s4o4CX96EV
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6QFT3HHlTp3MLUgNMO2g78OTl5BagR2UgHNX4m8ijOSW0T1od8WHcw==

GET
H2 200 36.2cef282c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 17 KB
6 KB 91ms
89ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.2cef282c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"927e45b8993175159e1e9856122c937c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ao6lr74fcDw5JSJPXySF7ZNwybNy8h6G
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yGC_3X5v2B3O8Y8juaFZKMcXPQAwotYZjuMNda5aSs6AjGWwAW3ZSQ==

GET
H2 200 32.48b4a528.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 48 KB
15 KB 91ms
89ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.48b4a528.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"a78e63a18295c0d6b9b738183ec44511"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u_Z8TtISpqZ_5Q3EUL9.qOa_OzI.rDBV
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kJGJ89YFNeV05S4VTpavoU6ON8wbkXOlSyIL_lSBtPmnIV06o7vTzQ==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 29 KB
8 KB 91ms
89ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3296939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J40osS-LoIo5caEVsTM0So7uS6wTkQMwDXp0GH-LMO0hqKOTytQVCA==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 39 KB
10 KB 91ms
89ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:17 GMT
content-encoding: gzip
age: 5493643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:57 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BtgfGu2GND91Cxq3pce9T6PierGsKU53
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T-CsvZKMcsq4tFaAv2mlz-2v5ZdfInWGJid3BEMgudiXXHqlbmg5pg==

GET
H2 200 38.352fecdd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 52 KB
18 KB 122ms
120ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.352fecdd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"f5344e718d92b730a8438d79fcbc17e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6tdMMIlFk57Tdpv5c9NuZd0QguYiTalf
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dPdevHcve6Wkohz9WOctmE6KseUzxiNzJrUoXQe03_IcgMUdYvienA==

GET
H2 200 35.57bc2812.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 24 KB
10 KB 136ms
134ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.57bc2812.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"3749f56217551e2a96eef995213d9832"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OYsSCDH.OueWQ7Fjc3Wye7OLkxk5vnaR
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YdKHmXrEouMrbJntGKLwwiRO6X5D46agoEK1Z2G_5BJ5TGJKEbCMUg==

GET
H2 200 24.7bbe74f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 14 KB
5 KB 136ms
134ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.7bbe74f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"c7ac762c256cb1f0ca73524a8cd0714b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nlhdhxhcru.01V0uXFfcDupLe.RJ8qN2
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CYn7Ati3EBrn7w0hsp8ZjhmnervI5wPRf4Vczj7LX88PfB_XDEI3fg==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 60 KB
21 KB 136ms
134ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3296939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tzm6A_io5_Wr3BDuIKqVpUyAJklk_g3QvuU9-ptPBzgv8_dh7oepvg==

GET
H2 200 main~493df0b3.c9e16b09.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 21 KB
7 KB 136ms
134ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.c9e16b09.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 20:02:22 GMT
content-encoding: gzip
age: 1546839
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 May 2021 19:48:36 GMT
server: nginx
etag: W/"01f7cb02a3313d3a0b5f194c6db0705f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ktgpRE9pv8lYGI8L6a1AFGZHBA.zK8G1
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M3mA8hYDr98NN7ywc7WyX5LmQjipWZdgyRM1yG8PVhsreHS8k0T6bA==

GET
H2 200 main~970f9218.c16a32d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 64 KB
17 KB 136ms
135ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.c16a32d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

b729a732630cb2982e263083eda58a88181849bc58bda4f4ab951853e59c2cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"ddf5ab84d4375a96f166c55f1e9d2364"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q6uX_DEKens8A0Ynn8z8rRffoAytuceo
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eBpp8Ut61ynJ0a3Q2pJ4V4jCabh1avRa0T0mNFN_HywAAapEb93arA==

GET
H2 200 main~89e24786.6a49a134.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 65 KB
18 KB 136ms
135ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.6a49a134.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:50 GMT
content-encoding: gzip
age: 256451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"1231cd411994e9ad2fdb7904122da2f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8LpT4bJxbsp5yhSIEG_7eUdSSe9vLNOp
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wjedo2wGUj9zQ4VVr1Hpx0EgUXyjNbnNtHaeGwQG2_AJGxgfKQaZ0g==

GET
H2 200 main~53ca99a6.772e8e18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 30 KB
10 KB 136ms
135ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.772e8e18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

94797ee870f7f0f1ce73170fde6a5f76ed45dc56283c098afd63edb26f5f5feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"a989d544e0e58c61e57903cf2d0cb048"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JnbqhXzDq4XD70e6FLSqbvd7d2PRV4pN
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vvAKs7MSOsUtpLgyW3up6ObQSEe6CEcDmL9W8VnULWwemqb6BQi3iA==

GET
H2 200 runtime~main.5a33875b.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 5 KB
3 KB 131ms
130ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

10c72098868883e139be1b482e781274bcde1caac60f31efd53e9e3089d8f873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"a6bfb575b7cb3cabfd3a134a9ffffd77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cA3qwkUjGD18w1r5DqcWZnbptsWqP5x7
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hNWUoeMUfh3EIcH9HdDsXJXvdLIQ_esicBijfLrzgL37NmrAG-J4xQ==

GET
H2 200 42.1d3e72f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 40 KB
12 KB 131ms
130ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"6bafacd7106b1f1a919e0d9db9ac2d45"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PsraKE5Rqpn1WCq0VTYjZOvkR1qNgwsQ
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xw7FlXpdJfAuyBvejFvfHUb8fbNHmik2TB832NLQt4soD3Rwshza2A==

GET
H2 200 25.3ad21d5f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 42 KB
12 KB 131ms
130ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3ad21d5f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"505015ae57a46f8d45f6393ec7549ede"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Mo_zy1ksUoC1wF0C0Kb2Mfkbb80QKle1
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uII8GKOTfrBwOJIhiNyDFRtoXIR7zorBtTGrkBfJCiiyHYl4zqNVUg==

GET
H2 200 40.f7d72950.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 23 KB
7 KB 131ms
130ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.f7d72950.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"8d32077d11bf130936ad9f6b2796c9e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IztndX_FtIwJA1wjdnknjusFhKQvrAWn
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FTW8yZ0JrdDk7LDrCTGXc5Uc3o9VcoX75Enf0SbdwklrNiivQaDWmQ==

GET
H2 200 22.9acf1962.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 16 KB
5 KB 131ms
129ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.9acf1962.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"8270d313e55bc5cda4436c12c7c8efca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BDxh3Fo2DoBJW9cBWFp5.5s4o4CX96EV
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7k177-nuxojjitjww-DvldUNVuIOHHWrpodmzH_9uIpNSfMZNY2BqQ==

GET
H2 200 36.2cef282c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 17 KB
6 KB 131ms
129ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.2cef282c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"927e45b8993175159e1e9856122c937c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ao6lr74fcDw5JSJPXySF7ZNwybNy8h6G
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2E-z7LS90udAECvpDN34eqTBSO6eIxfDoiS6N0necmaB3LM6A04rpw==

GET
H2 200 32.48b4a528.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 48 KB
15 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.48b4a528.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"a78e63a18295c0d6b9b738183ec44511"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u_Z8TtISpqZ_5Q3EUL9.qOa_OzI.rDBV
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DmGL_ZIbAaXEWGUcgFUsU5MOrN56VdXQMLePPK8gM4uYvpZDhFGfpw==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 29 KB
8 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3296939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xkB4Dn0BEJfYfAC-aPMY46Nzdglhn4r4ZjLLu9G-qNK5oxHro-12Sw==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 39 KB
10 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:17 GMT
content-encoding: gzip
age: 5493643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:57 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BtgfGu2GND91Cxq3pce9T6PierGsKU53
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UckP1-Bh7xOAmwOhTZLPSlm8_RRFVJE7XwUTinP8DeIE2wRd07dSGA==

GET
H2 200 38.352fecdd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 52 KB
18 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.352fecdd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"f5344e718d92b730a8438d79fcbc17e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6tdMMIlFk57Tdpv5c9NuZd0QguYiTalf
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xf5Z9W0jr_TtiU6TpvN78fKQYEKcT0JZiepRI6HO2IyaKvX4B_f01g==

GET
H2 200 35.57bc2812.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 24 KB
10 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.57bc2812.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"3749f56217551e2a96eef995213d9832"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OYsSCDH.OueWQ7Fjc3Wye7OLkxk5vnaR
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aBFSf4PMYOsDbgbH7XZxCRvOE_d_GiOrmf9eTW0IWpnJt8bAeIKh_Q==

GET
H2 200 24.7bbe74f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 14 KB
5 KB 163ms
161ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.7bbe74f0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"c7ac762c256cb1f0ca73524a8cd0714b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nlhdhxhcru.01V0uXFfcDupLe.RJ8qN2
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iCXrBcY3xcENcqkmowKEdCT3c0ur23HMEfGmLRBYubwNzTlDFGkr9A==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 60 KB
21 KB 163ms
162ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3296939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jSBKYKrVoa8sgdUGXnV1yrYxuBFIFwOD3lxDoM6sdkeJHkGW6WrJgQ==

GET
H2 200 main~493df0b3.c9e16b09.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 21 KB
7 KB 163ms
162ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.c9e16b09.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 20:02:22 GMT
content-encoding: gzip
age: 1546839
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 May 2021 19:48:36 GMT
server: nginx
etag: W/"01f7cb02a3313d3a0b5f194c6db0705f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ktgpRE9pv8lYGI8L6a1AFGZHBA.zK8G1
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G1JVF8dlcxLxa5Lu9BFmhzDhYQqc1mDwYhbB84_tsaEzbSQd70ehsQ==

GET
H2 200 main~970f9218.c16a32d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 64 KB
17 KB 163ms
162ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.c16a32d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

b729a732630cb2982e263083eda58a88181849bc58bda4f4ab951853e59c2cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"ddf5ab84d4375a96f166c55f1e9d2364"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q6uX_DEKens8A0Ynn8z8rRffoAytuceo
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gxGE-ZlY0SlgtB5t7tfoPTaFlaqIB4wUj5adbsE4yOeLh6JXjYotnA==

GET
H2 200 main~89e24786.6a49a134.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 65 KB
18 KB 163ms
162ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.6a49a134.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:50 GMT
content-encoding: gzip
age: 256451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"1231cd411994e9ad2fdb7904122da2f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8LpT4bJxbsp5yhSIEG_7eUdSSe9vLNOp
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2taGswS9xBQx0ALPsQZrEjB1kKG_nIIWGh9hfuZ_jpX6lPOD3sHMzA==

GET
H2 200 main~53ca99a6.772e8e18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 30 KB
10 KB 163ms
162ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.772e8e18.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

94797ee870f7f0f1ce73170fde6a5f76ed45dc56283c098afd63edb26f5f5feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:49 GMT
content-encoding: gzip
age: 256452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
etag: W/"a989d544e0e58c61e57903cf2d0cb048"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JnbqhXzDq4XD70e6FLSqbvd7d2PRV4pN
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V92ryt_0nvSf-llw4NFyeNfErX_-Pd5iXIxJnuRL_WpwuEpZMcpMeg==

GET
H2 200 39.f00f9225.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 6 KB
3 KB 63ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.f00f9225.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"ba8635d920070dde24a0a4a9e3177b21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QT91uxvWeWY83BLBOcxyM7AH84IphadG
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LAWtNpGNq0z39pA9mF9BBlatnXpr3NMPU7n_0LOj80we7Ck45bcHcg==

GET
H2 200 37.44c05d56.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 107 KB
34 KB 63ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.44c05d56.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"714e6baa2fa3579ac720cb0419c3f11a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _Oz3INBC0zU_UOCtnzVzgHjtUphoYphb
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v2HLuz7094zPkqd4LgbFVsprsjj6xO83mK9IIA0uqd74xT78HrsvaA==

GET
H2 200 30.5caeefdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 27 KB
9 KB 63ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5caeefdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"607a066f07dd87bede92756538ea6d80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZUr_AKrPYQW_2.EmmPhOrtB9Te6gjsz8
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L0B8b22ZlijTjGK9LtGLJYeu-dvnshqTzNWdOVJyjnGnUSi3gkmnvQ==

GET
H2 200 33.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 1 KB
1 KB 64ms
64ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.4335bc3d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:06 GMT
content-encoding: gzip
age: 352855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8r_1brQGQIS6Tv5aX1yn9Rddg.QFD01
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QIulXH-hasIFlUHcx5u0LPWF5E3Va2ACCw3nJDPCJbchzN2SgPv2xA==

GET
H2 200 33.9ce80c6d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 5 KB
2 KB 64ms
64ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.9ce80c6d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

3893e6855291b855da42fd61571fedb384ee14653cf1e3d3d51e39670c2ae117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"58bc8d55464bff3c868c28bb227d9eee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4lOEwzxcOLiGAQnBQRS4iZJ3160_Puxf
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eiXOFARHBX0sqkKrjHU8pVs96TJX2Z0KCNySw8ZlcOrEHzkXmO2d6w==

GET
H2 200 39.f00f9225.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 6 KB
3 KB 62ms
61ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.f00f9225.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"ba8635d920070dde24a0a4a9e3177b21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QT91uxvWeWY83BLBOcxyM7AH84IphadG
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -71my5u2u_VIKpfU5rZlEC5yWE2P_i_a4mCoQtoQh1L-B5LN6kEsGQ==

GET
H2 200 37.44c05d56.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 107 KB
34 KB 62ms
61ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.44c05d56.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"714e6baa2fa3579ac720cb0419c3f11a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _Oz3INBC0zU_UOCtnzVzgHjtUphoYphb
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cT5Y426x_yW6AM2_WKGWFPf9Ma5DZdaKmEr3mE6ftS9q_m1UP7Pf5A==

GET
H2 200 30.5caeefdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 27 KB
9 KB 64ms
63ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5caeefdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"607a066f07dd87bede92756538ea6d80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZUr_AKrPYQW_2.EmmPhOrtB9Te6gjsz8
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kDYefYzW7Kskjf9Fm_N8TJDA2JQOhogFxKUUCT73zmzrJQeLJEvNTA==

GET
H2 200 33.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame 69B7 1 KB
1 KB 64ms
64ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.4335bc3d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:06 GMT
content-encoding: gzip
age: 352855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8r_1brQGQIS6Tv5aX1yn9Rddg.QFD01
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lmPNtq2xvOCWRcNCWH-VOngL60KuFeuWJ2nlCOoZXZ44eH9THujJVA==

GET
H2 200 33.9ce80c6d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 5 KB
2 KB 64ms
64ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.9ce80c6d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

3893e6855291b855da42fd61571fedb384ee14653cf1e3d3d51e39670c2ae117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"58bc8d55464bff3c868c28bb227d9eee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4lOEwzxcOLiGAQnBQRS4iZJ3160_Puxf
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aLEHtKASIUZpdYileiu1eVMl0F9wVhJYQt9lrH5U7a_-rkU1YOc-8A==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 17 KB
6 KB 62ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 5493642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvebDL1.Un.JguoiHPya83IoDVEFSMX_
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vRGel-dLz89OkN2nuWN6a8yrDdTrVbjXiIOzZb9FZlM1wa6VLLQzfQ==

GET
H2 200 34.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 6 KB
1 KB 63ms
62ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:45 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GojXQVrNiHbX0B3yzg6sYNjY3aFapEc5
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hreEWS3bda8QvomPiV8XEApRHW5hpHGkDoieb_yPTnHon3jRfwy3UA==

GET
H2 200 34.4fa1cbbc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 2 KB
2 KB 63ms
63ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.4fa1cbbc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

dba147571ae378baa0e02df9ae74e2b31e2c98ac93f3ada63eb82c8413ed116c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"6f3f5f373c0388a3c51db3a25fc4bfad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FeulpfeVlatzfNLgL3hOv1wu.IMZcaIo
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XZDVJ4UV7GSpmfDrZYGXVAImFdaKz1FBcPGHaDv72zdlbZ6ME_kyFw==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 17 KB
6 KB 62ms
62ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 5493642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvebDL1.Un.JguoiHPya83IoDVEFSMX_
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yBwymKDEcp3VrY_2iTteu41Y_zRN5eFbjBT9f3Ir-LmPQhL5BdbRjQ==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 68 KB
20 KB 63ms
63ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 5493642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KvAdLkzmP1SsvzM2DTGFxj7fEse2FnUv
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CITRxXcuVgmRXj6N_Nvgvr4ZgM0jF464HN9JDlTDxII0xhNIfznISA==

GET
H2 200 29.af23633f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 42 KB
12 KB 64ms
63ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.af23633f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

7c59ba72953cc99b7cc6735de0285f154a29e30b5fd5d5b04d819ed22d21bc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 1806797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"e44e4be66b3069982f14c73c09e21042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fotuwu4LjY0Fjw9Gx8sj1O0oPzVV4rN5
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PyZRXYmNZ-2natgvPfZ-24E_VRr9d9PT5t1Qe3bKRIxqBW2xyRkBfA==

GET
H2 200 2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame 69B7 2 KB
1 KB 67ms
67ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.9e348098.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:35 GMT
server: nginx
etag: W/"97eba23aec3d21fff25c5114b738526d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AqrVnUni7KS5KNB5pEGKJjjO1PCBoXeg-xajuYjIoUBUBLxcuP1YCg==

GET
H2 200 2.2de27467.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 33 KB
11 KB 68ms
68ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.2de27467.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

9ba715a58eb9b70daaa7a92c9352a2bbb930f6a21bd13606f94cb967c2d52d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 16:02:19 GMT
content-encoding: gzip
age: 265242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 15:47:23 GMT
server: nginx
etag: W/"d2b21b242288c5f78081b8b872a68139"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IvRPh7kn7qOQrrDVEUnFjHo95lsljO_Q
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tcrdsuCd2s5B73XPuvp1OWpFdzSxzC-bmHcXLwGYTehzTWdh51Wc5A==

GET
H2 200 28.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame 69B7 8 KB
2 KB 72ms
72ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.44736ae1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 18:22:23 GMT
content-encoding: gzip
age: 1034438
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 17:36:25 GMT
server: nginx
etag: W/"8b77004f90a97a8796e83c50f9e084d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VTL7YzENnmWXyCBUsKQb8BXlyKIgAsgS
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nqYvVO_dchMGSp3xM4cw-gL2t1vu9Nya5rQt2NcFDLkWS8mChovIxA==

GET
H2 200 28.11df93c9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 65 KB
19 KB 73ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.11df93c9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

3a575289613659ac3269997bd6574ed189f53b4973ba79a6576ae260d02129bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:50 GMT
content-encoding: gzip
age: 256451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:36 GMT
server: nginx
etag: W/"82e2b734bcb3f21c2c6ef3867996b46d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nrbGGXxWFL506oMQg3slceKt2wXd8EN6
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FUqtAMsxGuXz7jGA5lLA2uoFGnENrVkv7_Ew8bDxe0RLJv7EcQtg8g==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 68 KB
20 KB 72ms
61ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 5493642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KvAdLkzmP1SsvzM2DTGFxj7fEse2FnUv
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FuRlNtz5tbJ4HtcFg9pmLIikhmB68u-EtjPhQzbQ08pKSkwyGUcy1Q==

GET
H2 200 7.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 7 KB
2 KB 77ms
70ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 3296938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qRE432HVQ7Y1w.s9lcCBDT5jZX9YXsTD
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kCtl0jIlBRAsMveNzcD1HqDS4lrVSCy6kYgDt-tmLnjAaUJ4Ianu9Q==

GET
H2 200 7.d2b06f0f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 38 KB
13 KB 80ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.d2b06f0f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 3296938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"d22fa8dd9fdbdcdde74443bcd7a64fa3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xnIs15mgedQOb8VhFDNVv2E4rRhqKdBF
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eKQ1Eui2iyb7QppKz0jwBNi6mHOya3vfnLLUjGKzQe2ODZs0wdDYQA==

GET
H2 200 4.83e6fbb0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 50 KB
14 KB 79ms
72ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.83e6fbb0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 06:38:37 GMT
content-encoding: gzip
age: 1249464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 May 2021 20:12:30 GMT
server: nginx
etag: W/"1055d5233f397035f9106d9c6067332c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P1iJnGdXOWXUPrAK2.YElODy99sYnCLh
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1xGlLf9W2l03lH_HoX0Qu-J3vmea1JXnPtTSG_zmIaTfg7779RO1fQ==

GET
H2 200 2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 2 KB
1 KB 77ms
71ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.9e348098.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:35 GMT
server: nginx
etag: W/"97eba23aec3d21fff25c5114b738526d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZChhWAr04M9PNZCAECfc1Jw13H8P5O_eaDkydunifoS-ASOUo0KJ8g==

GET
H2 200 2.2de27467.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 33 KB
11 KB 74ms
68ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.2de27467.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

9ba715a58eb9b70daaa7a92c9352a2bbb930f6a21bd13606f94cb967c2d52d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 16:02:19 GMT
content-encoding: gzip
age: 265242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 15:47:23 GMT
server: nginx
etag: W/"d2b21b242288c5f78081b8b872a68139"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IvRPh7kn7qOQrrDVEUnFjHo95lsljO_Q
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -SbMP04gtSiW877OA_C4w_7TR5mPmJLfTeFugwdYsfTSrEhecvS1_w==

GET
H2 200 8.095c1bdd.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 11 KB
3 KB 76ms
71ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.095c1bdd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

7c7de094077ca042a6043ba4f991d61f8c23718d9431f1c5f59341293b368f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:25:57 GMT
server: nginx
etag: W/"234bd0a4c41e2519e5ca8630aa478e83"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 503SkCtCybYikCzlhcj4icSZpN2cEB5I
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZU_V4WHKdk95iMmoqLmdiemlkoV-r7T-wsIYCgFB9KxGb5waiLYhMg==

GET
H2 200 8.9a9c8b93.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 16 KB
6 KB 79ms
73ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.9a9c8b93.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

48162d4dc7134f7c3e9a7f536071ca2e275547a42b4aba000e25d601c5fc586b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:00 GMT
server: nginx
etag: W/"a90d94c54c26ec2b471d8c34e455f34b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fuuEB4qDEJXCRrK3RGzKp.2ZQflmNBUL
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aF5B1_x9u2wueiJzEXV4FjxmrXYgzIyRAFxWyVJMWvfxT0viy2Bjeg==

GET
H2 200 6.be43392b.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 6 KB
2 KB 76ms
71ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/6.be43392b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

e12f41f00e2ee8a10327a832e9f228d9a21e346f300eb483233171c5d86ecb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"3474c814e1241a585ba13f3170881693"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MTrFIW.ZdI7k.J4AhyAYsKB6_1Zaxw6x
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TOav5iIquWWw-xJG-Zaeoe9A-AxQ6kdqsvpbfbPQdXYUfNJo32ewwQ==

GET
H2 200 6.83a287cf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 14 KB
6 KB 77ms
73ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/6.83a287cf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

cdaf9710ff27931eb0f8f8b8e8df97faf4a7791725ef647de6585bbfc8f5909d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:25:59 GMT
server: nginx
etag: W/"4afd68421c4dd4e8c9e7706d38352647"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BqgKbtFo.0MRb6lWIBuZNjY8MsqCnqtE
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zp_x2o5iiu4f4S8kVkxj5rM96vIkkcXmpdySXtfyjJtM-84U89aKjg==

GET
H2 200 3.29dd2872.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 34 KB
6 KB 74ms
71ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.29dd2872.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

6b4275d3753a0f2a5c8e53ccd4122424f7327f4305b4c25a014edee1049ab8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 16:02:19 GMT
content-encoding: gzip
age: 265242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 15:47:20 GMT
server: nginx
etag: W/"506e7e1c04203dfd1a4244f95b95805b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wsgnP5EyjbdtzRQEqeqAsvhDK35cKp2m
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fbxw5er_zlwtWmfvouKps0szqZ1N7Snzu64oFySMJRKbVXYLlUrMXg==

GET
H2 200 3.55e8c0b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 65 KB
20 KB 77ms
73ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.55e8c0b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

92bf6b91a9db0547313b5ce4596a5c0f7066f1eb6b6f06c83d29266c4c213730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:50 GMT
content-encoding: gzip
age: 256451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:36 GMT
server: nginx
etag: W/"2d4713e4bb8022ce65494e0075b264f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jTOyeHt1vOrUqiDFUzHu_SP9EadWVcjR
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mNZ2ayA-YlQk_Jws14jgH2bE4l-Lite7TT2ZMgfot50g3T7CN6lCAg==

GET
H2 200 5.02b24796.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 17 KB
7 KB 77ms
73ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.02b24796.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

fb0ded369b5797d816af068c7107e5fa22c9946c5c35c1abf3c0052499718ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 18:28:50 GMT
content-encoding: gzip
age: 256451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Jun 2021 17:53:36 GMT
server: nginx
etag: W/"e883b61610f2de7f4bac18a1731a30f1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KuI547tF5m6DkibWg9F13XzgfyVyZp.F
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BhOVVf08WCl64mtcJ7Kqh8nuJEtkETnXlg0TE3FCOtveSAHXlDZSEA==

GET
H2 200 26.0bf2e3f0.chunk.css
js.driftt.com/core/assets/css/ Frame 6115 16 KB
3 KB 74ms
71ms Stylesheet
text/css 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.0bf2e3f0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

917f10213cd679cc8f0c4ecae0ef8cb348ca67b1fef1fde0dfae321a29b69fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"6cf3c1bd60400db9f51cb55e82270816"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fR_4WtHAIe.uEZdgdFMBlJrIg8WGmOAH
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UdJSViBIv2lrqMoljfeFjiAM1Vz5apFsy9-UbOIPKq8UZ8F_mFIlXQ==

GET
H2 200 26.143bb96d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 21 KB
7 KB 76ms
73ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.143bb96d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

fe9911d502cf7fd206847d156bdf63eb2cdec763d2ab788ff05c2d70baf3e00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 352854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:25:58 GMT
server: nginx
etag: W/"90364f6daa1c9e95cc3b7b4d716eb1b4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYd80aUr.W2DIbYET5qzchJjGsiQ7Elk
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fwa8r8GdKqfpfc2h-sJz3Q7BBC65TvxDP8bRA0mDrSvD4XUm1S85iw==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 412ms
126ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:02 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift88cd48645b5b61683cff791e7da
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 69B7 25 B
123 B 144ms
144ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Jun 2021 17:43:02 GMT
server: istio-envoy
requestid: d4ddd33ace3d5bfe
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 8z7ynkcdvg2s.json Show response
embeds.driftcdn.com/embeds/ Frame 69B7 78 KB
14 KB 161ms
58ms XHR
application/json 143.204.209.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/8z7ynkcdvg2s.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce70a47b5dd31d8f9f9200adb733fc6ecd15af4cd0cd5b6ff2f4a134f67985ce

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:42:39 GMT
content-encoding: gzip
age: 23
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 16:46:34 GMT
server: AmazonS3
etag: W/"3040c398ae106528c1e74c5b05faa6de"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lCfemYWz9LR9YML7u5_UOSqn0ZNzbfdKP1vUmbe4DEEJTOL0rYd0aA==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 69B7 4 KB
643 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.2de27467.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 16:25:25 GMT
server: ESF
date: Mon, 07 Jun 2021 17:43:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Jun 2021 17:43:02 GMT

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 69B7 6 KB
2 KB 1038ms
784ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

52bae8254c9e0e2f42c77d9b1155db46cd09e2a0b8692fc1df31059fa652db0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Jun 2021 17:43:02 GMT
content-encoding: gzip
server: istio-envoy
requestid: aba40f7a546632b8
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 657
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2072
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 8z7ynkcdvg2s Show response
targeting.api.drift.com/hours/availability/combined/ Frame 69B7 53 B
118 B 1312ms
1312ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/8z7ynkcdvg2s

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f50c7f875201ca815f36e8bcbeb1f6b95eabc7fe8669e51dfa6b0afd8c993bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTExMjc2ODU5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA0MzIzNSIsImV4cCI6MTY1NDYyMzc4MiwiaWF0IjoxNjIzMDg3NzgyfQ.KAsf-H6qGz7xbOXAC3hQF7cMoRFmZoghF0v6LumR__8X28Rra4W_H9xSHn2-U6hbMljX5Cbx93vw0qdMYCyAYQ

Response headers

date: Mon, 07 Jun 2021 17:43:03 GMT
server: istio-envoy
requestid: 69c47993bdc88e7f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1188
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 53
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 8z7ynkcdvg2s
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 156ms
125ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/8z7ynkcdvg2s

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:03 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: driftc2ed39d452aa0d1f0f514c01601
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame 69B7 939 B
1 KB 122ms
121ms XHR
application/json 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-189-149.compute-1.amazonaws.com

Software

Resource Hash

621ddbd5aa502855b2e78e4895d691e26c5173e99a185372e45143eea3af925e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTExMjc2ODU5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA0MzIzNSIsImV4cCI6MTY1NDYyMzc4MiwiaWF0IjoxNjIzMDg3NzgyfQ.KAsf-H6qGz7xbOXAC3hQF7cMoRFmZoghF0v6LumR__8X28Rra4W_H9xSHn2-U6hbMljX5Cbx93vw0qdMYCyAYQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Jun 2021 17:43:03 GMT
requestid: 79cb363ff86f162c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 939

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 389ms
123ms Preflight
text/plain 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-189-149.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:03 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftcb61e4042e1bd7f8024566f426e

GET
H2 200 47.d1ec1cad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69B7 17 KB
6 KB 61ms
61ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.d1ec1cad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:45 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"df31a79a2de4ba62caa657c97430e66a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DMAn20D8bvI5mDi60vBr03OzyuS1ohG6
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eGBqbhwX3SKLM1itLbgllaYtEuGcqi9Ky-KiyS5_ZLHvVEA63r6uWQ==

GET
H2 200 47.d1ec1cad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6115 17 KB
6 KB 61ms
61ms Script
application/javascript 52.85.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.d1ec1cad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.5a33875b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.170.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-170-42.bud50.r.cloudfront.net

Software

nginx /

Resource Hash

4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:45 GMT
content-encoding: gzip
age: 1806798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"df31a79a2de4ba62caa657c97430e66a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DMAn20D8bvI5mDi60vBr03OzyuS1ohG6
via: 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uu9Q8wvNazlu__H280EOD4Ps2ok0i4GoL8prloVdsyUj5vxzA40Emw==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6115 4 KB
633 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.2de27467.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 15:47:46 GMT
server: ESF
date: Mon, 07 Jun 2021 17:43:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Jun 2021 17:43:03 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6115 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 551369
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6115 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 499996
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:49:47 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 69B7 25 B
88 B 139ms
139ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTExMjc2ODU5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA0MzIzNSIsImV4cCI6MTY1NDYyMzc4MiwiaWF0IjoxNjIzMDg3NzgyfQ.KAsf-H6qGz7xbOXAC3hQF7cMoRFmZoghF0v6LumR__8X28Rra4W_H9xSHn2-U6hbMljX5Cbx93vw0qdMYCyAYQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Jun 2021 17:43:04 GMT
server: istio-envoy
requestid: 18de988eaa5bccc3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 124ms
124ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:04 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift39a83ff4249a7a2ff40d52955ef
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 69B7 1 KB
531 B 128ms
128ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

c4cccb877f998d1ae5604883a31ff18bd6c6748ea3a8ed2dab8cdbac8ae037f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTExMjc2ODU5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA0MzIzNSIsImV4cCI6MTY1NDYyMzc4MiwiaWF0IjoxNjIzMDg3NzgyfQ.KAsf-H6qGz7xbOXAC3hQF7cMoRFmZoghF0v6LumR__8X28Rra4W_H9xSHn2-U6hbMljX5Cbx93vw0qdMYCyAYQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Jun 2021 17:43:05 GMT
content-encoding: gzip
server: istio-envoy
requestid: 5a08bdb0653d3bee
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 442
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 124ms
124ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:04 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8c24a954d8f88e5deeb6377bbf2
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H/1.1 200
OK me Show response
l9bjkkhaycw6f8f4.soundcloud.com/ Frame 3A44 0
434 B 235ms
107ms XHR
application/json 52.85.120.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l9bjkkhaycw6f8f4.soundcloud.com/me

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.120.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-120-47.bud50.r.cloudfront.net

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Jun 2021 17:43:05 GMT
Via: 1.1 7a4584fd3c2a27bbe552d92ba541848b.cloudfront.net (CloudFront)
server: am/2
X-Amz-Cf-Pop: BUD50-C1
strict-transport-security: max-age=63072000
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: XudANEKMBV_gMaZeE7bhFY4cIptuTr9Vt2hev1rdIODyS-47uCcWNQ==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 69B7 25 B
84 B 124ms
124ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTExMjc2ODU5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA0MzIzNSIsImV4cCI6MTY1NDYyMzc4MiwiaWF0IjoxNjIzMDg3NzgyfQ.KAsf-H6qGz7xbOXAC3hQF7cMoRFmZoghF0v6LumR__8X28Rra4W_H9xSHn2-U6hbMljX5Cbx93vw0qdMYCyAYQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Jun 2021 17:43:07 GMT
server: istio-envoy
requestid: fa6af88f7a5cc642
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 124ms
124ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Jun 2021 17:43:07 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift712e8b7459dadd6441cc11b89ab
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
resources.digitalshadows.com/	1970-01-19 18:51:29	Name: drift_campaign_refresh Value: c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c
.resources.digitalshadows.com/	1970-01-20 03:37:03	Name: __ar_v4 Value: %7CM2GUWUTBBJFFRJ7RPYG7FT%3A20210607%3A1%7CVD4NA2LPTRDHFCOWWLH536%3A20210607%3A1
.digitalshadows.com/	1970-01-19 18:51:27	Name: _gat_UA-24205771-1 Value: 1
resources.digitalshadows.com/	1970-01-23 10:27:27	Name: _ccmsi Value: 1623087779745_mwb7u5s77\|1623087779745
.digitalshadows.com/	1970-01-19 18:52:54	Name: _gid Value: GA1.2.47542810.1623087780
.digitalshadows.com/	1970-01-19 18:51:29	Name: trwsa.sid Value: digitalshadows-1623087779675-b3df1154%3A2
.digitalshadows.com/	1970-01-20 12:22:39	Name: trwv.uid Value: digitalshadows-1623087779673-cc6f8f38%3A1
.resources.digitalshadows.com/	1970-01-20 03:37:25	Name: __adroll_fpc Value: 2b78f3abea6d542f30fcd95dd574e2e3-1623087779929
.resources.digitalshadows.com/	1970-01-19 18:51:31	Name: _ufas Value: c457ec91cef341e7b5a24076f9f6bdd3
resources.digitalshadows.com/	1970-01-20 03:37:03	Name: pdf_event Value: WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D
.digitalshadows.com/	1970-01-20 12:22:39	Name: _ga Value: GA1.2.1891057759.1623087780
.resources.digitalshadows.com/	1970-01-20 03:37:03	Name: _ufav Value: 4567d01be9b5490c90b5c286c8c162c4
resources.digitalshadows.com/	1969-12-31 23:59:59	Name: _MGZ_ Value: n6pu9s8lf02ejhtir13lg7r5m9

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js(Line 1) Message: UF: Pollyfill not needed for UFA, skipping.
console-api	log	(Line 69) Message: JQMIGRATE: Migrate is installed with logging active, version 3.3.2
console-api	warning	URL: https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js(Line 7) Message: OB: Babel polyfill detected, Onbrand will not apply its own.
console-api	log	URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI(Line 2745) Message: [object Object]
console-api	debug	URL: https://s.adroll.com/j/roundtrip.js(Line 92) Message: Both the NextRoll v1 and v2 pixel detected?
console-api	debug	URL: https://munchkin.marketo.net/160/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 457-XEY-671 [object Object]
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1623087779386(Line 1) Message: Flipbot > initializing...
console-api	warning	URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js(Line 1) Message: jQuery.Deferred exception: Cannot read property 'collectionType' of null TypeError: Cannot read property 'collectionType' of null at Object.init (https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1623087779386:1:1576) at Object.<anonymous> (https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI:2632:14) at l (https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js:1:44090) at fireWith (https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js:1:44834) at u (https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js:1:46070) at c (https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js:1:46100) undefined
console-api	log	URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js(Line 56) Message: SoundCloud Embed Player (api-web)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-widget.soundcloud.com
bootstrap.api.drift.com
cdnjs.cloudflare.com
cf-hls-media.sndcdn.com
cihost.uberflip.com
content.cdntwrk.com
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
embeds.driftcdn.com
event.api.drift.com
flipbot.uberflip.com
fonts.googleapis.com
fonts.gstatic.com
i1.sndcdn.com
in.ml314.com
js.driftt.com
l9bjkkhaycw6f8f4.soundcloud.com
lonrtp1-cdn.marketo.com
lonrtp1.marketo.com
mailer.digitalshadows.com
metrics.api.drift.com
ml314.com
munchkin.marketo.net
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
resources.digitalshadows.com
rtp-static.marketo.com
s.adroll.com
simage2.pubmatic.com
snap.licdn.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
targeting.api.drift.com
unpkg.com
use.fontawesome.com
use.typekit.net
w.soundcloud.com
wave.sndcdn.com
widget.sndcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.111.216.226
104.111.234.67
104.17.73.206
108.174.10.14
141.226.228.48
143.204.209.100
162.13.202.201
18.197.47.23
185.64.190.80
2.18.234.21
23.111.9.35
2600:9000:206f:2600:12:53a8:95c0:93a1
2606:4700::6810:125e
2606:4700::6810:7baf
2606:4700::6812:bcf
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9c
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba80
3.231.126.55
35.157.135.222
52.0.189.149
52.21.227.162
52.49.20.76
52.60.165.183
52.85.120.45
52.85.120.47
52.85.170.125
52.85.170.17
52.85.170.35
52.85.170.42
52.85.170.49
52.85.170.74
54.147.21.139
63.35.200.21
64.202.112.31
69.173.144.139
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
0747ff54c97be21f6b5976fbb1a8ae6e537dc7a6f6fbaa97e6cfe52bb11940a7
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a
0bdbd13a9da4238bc080d842dc7a9ec35b489331b7d62efb221190e1e2e7207c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88
10c72098868883e139be1b482e781274bcde1caac60f31efd53e9e3089d8f873
12189c142e590f81abebf435bd3d8ce972def2493580ebe35af83b4c652a5e88
12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded
142559e2f626d248d31cc7d786414f8e83bd184d052347da6c0fd49ebd759158
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2
208a9227a271f478d6fd8bcf698c7e78a5582e7a8b5698b6a8e503b426be531e
26afc3a3183b7730ecad405371a9141e19cc9d027323ac6d4e6d8173d67e5f52
297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4
2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2f5130bdca506ef5a667e15c9dcfb5e4d53ef0475f7a9934fc91a322b49b7fad
2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
34789f98cc72efc62fcc72db2ff546d844e4fd6513ccb64eaf99a8152d9e6df3
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
373fafb398efb8e80d1e722c7c1aab823c1525490eb4b7c476bd0f99c6457b2f
3893e6855291b855da42fd61571fedb384ee14653cf1e3d3d51e39670c2ae117
391e82d13406c4bf676f02185f737fbbb4fd35b6f52db1c57670518076023477
3a575289613659ac3269997bd6574ed189f53b4973ba79a6576ae260d02129bf
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3f39269498936de2ed04dce9d3f22ea7098a3ea8c040e1189a1d153c1a2d34da
3f8527016d1ead6331a015e1fbf4e932d60b992eb004ad0a85fae18a232ba802
42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de
47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7
48162d4dc7134f7c3e9a7f536071ca2e275547a42b4aba000e25d601c5fc586b
486458a8400014a5f5008a7c19ab1d232a7b973addbca0f537db2897147acaf8
4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29
52bae8254c9e0e2f42c77d9b1155db46cd09e2a0b8692fc1df31059fa652db0e
536914b449bd803aa669ee434350b85f2939daa64d9bcf5c54127b7dded730bf
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5c287b410ca59b2bf9e41efa7c18be3af7ce90be8387db018aeccd371bb7efb4
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
621ddbd5aa502855b2e78e4895d691e26c5173e99a185372e45143eea3af925e
6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785
64ee239b6faaad3cb754ec0c952a0c60c493c39e25116f6d352bc23c6fc522f3
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
69137757604031457dde4adedff28199a2dc9af2939807858a7979f2b6e691a7
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6b4275d3753a0f2a5c8e53ccd4122424f7327f4305b4c25a014edee1049ab8ad
73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939
773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0
77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c
7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65
7c59ba72953cc99b7cc6735de0285f154a29e30b5fd5d5b04d819ed22d21bc3a
7c6aa1a86a8d54a45831bd8208f03c928dc15f9de1fa5301b50cf75e10fcf7fe
7c7de094077ca042a6043ba4f991d61f8c23718d9431f1c5f59341293b368f32
7ff3eb81405e14ba4c2f89a57c4adfaac486f0b2b0e9754fd68d2ccbd82e8c09
7ffc641fd546db861d9fe2264fe5422f3cd3d7be32dd7aa8fe7e1d2d18d64505
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
81a4d8d5ead2162ef4d3ff1628ae1bb645dfb91b1d9792db6b3815d1078cce61
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8f29ab3fa72b2125f781f53fa896f72712cb8868d4d4f4b0cc8aa1179b92014e
917f10213cd679cc8f0c4ecae0ef8cb348ca67b1fef1fde0dfae321a29b69fb6
92bf6b91a9db0547313b5ce4596a5c0f7066f1eb6b6f06c83d29266c4c213730
93325ddc7a79a67b0c0fae14552e11e5b318b864dd235fe532011f71b05e0bb1
933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea
9413f1dd7c49e8c6b9bfea23bf5d80083db23141dab1e97ceb10baa29639105c
94797ee870f7f0f1ce73170fde6a5f76ed45dc56283c098afd63edb26f5f5feb
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee
99adc45d565dba2a61e0a68299ad0561bfe2a4abc4ed59bed31f02f516896dc8
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83
9ba715a58eb9b70daaa7a92c9352a2bbb930f6a21bd13606f94cb967c2d52d4e
9e8963fa542cea4c67f077b8c96dca2845075152898cdd46ebe3accbcdf8f970
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
a48bf122377ae956625be4a87785f8a6471190724d2eafb24a08fe5497c54006
a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
ae1663cbcdbdca7f194a1bb69d2176228b1562f3a88a7be212c3c3a474e0cafd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4
b322a728ade366021f79f97550eb78da570ec8ee20199c9d9cd11750cee8a441
b729a732630cb2982e263083eda58a88181849bc58bda4f4ab951853e59c2cf2
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
b976ac86fa196f6e836aaee2d36ad059fc8d93600cb7b511f8d3840cb27d3958
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
bf18a645a261091d5de4d21f52a2f4c355e90aa8195847df24c6e2421918e23b
bf5ad942f0146bb1f5c69e096fe80715448c3f857dc9317f0b7d7caabb31568b
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
c4cccb877f998d1ae5604883a31ff18bd6c6748ea3a8ed2dab8cdbac8ae037f7
c52956c4501510ba5ad2ac1b11f8ae403324a9d91bd70b664ff6c1726633ad8f
c6bb53f0930f886bd09e31ace88d76fdbd656c3dd74c124031d61a73637f0ba3
c923277b358affc41fcf4d0eaad4118834098809663c1f64c9fae020b6bf66f7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdaf9710ff27931eb0f8f8b8e8df97faf4a7791725ef647de6585bbfc8f5909d
ce70a47b5dd31d8f9f9200adb733fc6ecd15af4cd0cd5b6ff2f4a134f67985ce
d0c88bbd0c85d47d323bcd4bb8cb5009d0871281a560b9329afec9a0c4a88162
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2d3262ff49a9af1fc37a9cc575c05654b26c25eb4b3db459a6a6c20904c8604
d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce
dba147571ae378baa0e02df9ae74e2b31e2c98ac93f3ada63eb82c8413ed116c
dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd97eb92918ff69c3402bbcee55d4e3edf57992b4a902089bd49bfaab2fa9a34
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e12f41f00e2ee8a10327a832e9f228d9a21e346f300eb483233171c5d86ecb60
e198523c1c9689d4134c06007828e13a63c3c2d410b1f7a016e3f7628d6712ea
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68a75095286baabfe05d0fa77fbe4ad87daf8ab426e22f29d4c2bf414d64699
e6c99ce8b235805f81979007460813bc645d6ad3f423ddac1dd8fbe5a7b12fff
e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d
e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915
e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4
ec2176467366d4587d38c7d6ed4e0911386bd2bff33eee8969ad5070d9379818
ed0b56bbc8fed9cb2d0fcad537cf222e41a16d1e42342c48db5fe4e39d5f6e43
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
ed98dedbe15b339c752900e4cbbac66b8bd5f9c6bf230e3456303c994fef5010
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f073fc94623e5b384f0983aa10914f5d4cd5fd4fe08518f2948bea9e8a8410ad
f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b
f50c7f875201ca815f36e8bcbeb1f6b95eabc7fe8669e51dfa6b0afd8c993bea
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6147758447fff42053a630195696a0409d6fbb5bff518664461a672338a4551
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fb0ded369b5797d816af068c7107e5fa22c9946c5c35c1abf3c0052499718ec2
fb63f20e251eb8f374ba3e774c2efa713eab3483d6b30e086fb317f67e1b695c
fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543
fc2d5ac3e4d6a84b97ac5858c03e2456a436e44256eac539c78665921509ba15
fe9911d502cf7fd206847d156bdf63eb2cdec763d2ab788ff05c2d70baf3e00a

resources.digitalshadows.com Open in urlscan Pro 52.60.165.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

100 %HTTPS

38 %IPv6

34 Domains

51 Subdomains

46 IPs

7 Countries

3851 kBTransfer

9293 kBSize

13 Cookies

44 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

resources.digitalshadows.com Open in urlscan Pro
52.60.165.183 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

100 %
HTTPS

38 %
IPv6

34
Domains

51
Subdomains

46
IPs

7
Countries

3851 kB
Transfer

9293 kB
Size

13
Cookies

206 HTTP transactions
2 data transactions