www.bottomline.com Open in urlscan Pro
54.234.2.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Submission: On April 04 via api (April 4th 2022, 7:32:21 pm UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 36 domains to perform 197 HTTP transactions. The main IP is 54.234.2.175, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.bottomline.com. The Cisco Umbrella rank of the primary domain is 431599.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 24th 2021. Valid for: a year.

This is the only time www.bottomline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	54.234.2.175 54.234.2.175	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:225... 2600:9000:225e:1c00:12:95e6:ac80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.145.21.84 51.145.21.84	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2600:9000:225... 2600:9000:2251:ac00:4:6246:6bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	54.220.54.122 54.220.54.122	16509 (AMAZON-02) (AMAZON-02)
5	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.62 18.66.112.62	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2600:9000:249... 2600:9000:2490:1a00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.122.85 18.66.122.85	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
2	54.82.204.65 54.82.204.65	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	34.195.146.54 34.195.146.54	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	18.66.122.76 18.66.122.76	16509 (AMAZON-02) (AMAZON-02)
1	162.55.95.216 162.55.95.216	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	34.250.211.64 34.250.211.64	16509 (AMAZON-02) (AMAZON-02)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	34.107.203.234 34.107.203.234	15169 (GOOGLE) (GOOGLE)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.144 18.66.123.144	16509 (AMAZON-02) (AMAZON-02)
1	35.169.225.70 35.169.225.70	14618 (AMAZON-AES) (AMAZON-AES)
2	52.72.101.102 52.72.101.102	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	34.234.238.86 34.234.238.86	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.121.63 13.32.121.63	16509 (AMAZON-02) (AMAZON-02)
4	13.32.99.74 13.32.99.74	16509 (AMAZON-02) (AMAZON-02)
3	35.174.150.168 35.174.150.168	14618 (AMAZON-AES) (AMAZON-AES)
1	23.36.163.234 23.36.163.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
4	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.99.60 13.32.99.60	16509 (AMAZON-02) (AMAZON-02)
197	56

14 54.234.2.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-2-175.compute-1.amazonaws.com

www.bottomline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:1c00:12:95e6:ac80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-cs.conductor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.145.21.84 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.thaw6lily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:ac00:4:6246:6bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2eu0qnja3p3n3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab06.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.54.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-54-122.eu-west-1.compute.amazonaws.com

pixel.convertize.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-62.fra56.r.cloudfront.net

js.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

static.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2490:1a00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-85.fra60.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.204.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-204-65.compute-1.amazonaws.com

api2963.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.146.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-146-54.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

498-xvr-738.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-76.fra60.r.cloudfront.net

s.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.95.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.95.55.162.clients.your-server.de

www.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.211.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-211-64.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.225.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-225-70.compute-1.amazonaws.com

a.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.101.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-101-102.compute-1.amazonaws.com

api.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.238.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-238-86.compute-1.amazonaws.com

vff2963.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-63.fra60.r.cloudfront.net

i.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-74.fra60.r.cloudfront.net

sleeknotestaticcontent.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com

www1.bottomline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.163.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-234.deploy.static.akamaitechnologies.com

ff.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

analytics.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-60.fra60.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5606	752 KB
16	bottomline.com www.bottomline.com — Cisco Umbrella Rank: 431599 www1.bottomline.com	198 KB
11	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 22115 settings.luckyorange.com — Cisco Umbrella Rank: 22192	179 KB
8	d41.co cdn-0.d41.co — Cisco Umbrella Rank: 15875 api2963.d41.co — Cisco Umbrella Rank: 950111 vff2963.d41.co ff.d41.co — Cisco Umbrella Rank: 164202	322 KB
7	idio.co js.idio.co — Cisco Umbrella Rank: 38054 s.idio.co — Cisco Umbrella Rank: 33943 a.idio.co — Cisco Umbrella Rank: 34541 api.idio.co — Cisco Umbrella Rank: 128184 i.idio.co — Cisco Umbrella Rank: 286644	18 KB
7	cloudfront.net d2eu0qnja3p3n3.cloudfront.net d1eoo1tco6rr5e.cloudfront.net	89 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 6164 bootstrap.api.drift.com — Cisco Umbrella Rank: 6466	455 B
6	marketo.com app-ab06.marketo.com — Cisco Umbrella Rank: 40534	145 KB
6	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 23053 sleeknotestaticcontent.sleeknote.com — Cisco Umbrella Rank: 26419 analytics.sleeknote.com — Cisco Umbrella Rank: 28649	49 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5640	755 B
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 829 www.google.com — Cisco Umbrella Rank: 7	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	57 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2765	12 KB
5	gstatic.com fonts.gstatic.com	97 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 385 www.linkedin.com — Cisco Umbrella Rank: 595 px4.ads.linkedin.com — Cisco Umbrella Rank: 4868	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008 in.hotjar.com — Cisco Umbrella Rank: 1743	67 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	314 B
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 591	407 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2609 rs.fullstory.com — Cisco Umbrella Rank: 2319	70 KB
2	woopra.com static.woopra.com — Cisco Umbrella Rank: 45316 www.woopra.com — Cisco Umbrella Rank: 38226	13 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3543	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	156 KB
2	conductor.com cdn-cs.conductor.com — Cisco Umbrella Rank: 61847	8 KB
1	driftcdn.com embeds.driftcdn.com — Cisco Umbrella Rank: 6566	22 KB
1	pardot.com pi.pardot.com — Cisco Umbrella Rank: 4281	1 KB
1	mktoresp.com 498-xvr-738.mktoresp.com — Cisco Umbrella Rank: 856164	311 B
1	choozle.com cs.choozle.com — Cisco Umbrella Rank: 7932	123 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	6 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 7967	1006 B
1	convertize.io pixel.convertize.io — Cisco Umbrella Rank: 117141	174 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 938	3 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 280	31 KB
1	thaw6lily.com secure.thaw6lily.com — Cisco Umbrella Rank: 404484	448 B
197	36

	Domain	Requested by
64	js.driftt.com	www.bottomline.com js.driftt.com
14	www.bottomline.com	www.bottomline.com
9	tools.luckyorange.com	www.googletagmanager.com tools.luckyorange.com
6	app-ab06.marketo.com	www.bottomline.com app-ab06.marketo.com
6	d2eu0qnja3p3n3.cloudfront.net	www.bottomline.com
5	www.google.de	www.bottomline.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bottomline.com
5	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
5	fonts.gstatic.com	www.bottomline.com
4	metrics.api.drift.com	js.driftt.com
4	sleeknotestaticcontent.sleeknote.com	sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com
4	www.google.com	www.bottomline.com
3	cdn-0.d41.co	www.bottomline.com www.googletagmanager.com cdn-0.d41.co
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	bootstrap.api.drift.com	js.driftt.com
2	www1.bottomline.com	www.bottomline.com www1.bottomline.com
2	vff2963.d41.co	cdn-0.d41.co www.bottomline.com
2	www.facebook.com	www.bottomline.com
2	api.idio.co	s.idio.co
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	settings.luckyorange.com	www.bottomline.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	s.idio.co	js.idio.co
2	api2963.d41.co	www.googletagmanager.com www.bottomline.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.bottomline.com connect.facebook.net
2	munchkin.marketo.net	www.bottomline.com munchkin.marketo.net
2	www.googletagmanager.com	www.bottomline.com www.googletagmanager.com
2	cdn-cs.conductor.com	www.bottomline.com
1	embeds.driftcdn.com	js.driftt.com
1	pi.pardot.com	www1.bottomline.com
1	analytics.sleeknote.com
1	ff.d41.co	cdn-0.d41.co
1	i.idio.co	www.bottomline.com
1	a.idio.co	www.bottomline.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	rs.fullstory.com	edge.fullstory.com
1	in.hotjar.com	script.hotjar.com
1	www.woopra.com	static.woopra.com
1	498-xvr-738.mktoresp.com	munchkin.marketo.net
1	cs.choozle.com	www.bottomline.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.bottomline.com
1	www.linkedin.com	1 redirects
1	edge.fullstory.com	www.bottomline.com
1	static.woopra.com	www.bottomline.com
1	js.idio.co	www.bottomline.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	ws.zoominfo.com	www.bottomline.com
1	pixel.convertize.io	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sleeknotecustomerscripts.sleeknote.com	www.bottomline.com
1	ajax.googleapis.com	www.bottomline.com
1	secure.thaw6lily.com	www.bottomline.com
197	58

This site contains links to these domains. Also see Links.

Domain
investors.bottomline.com

Subject Issuer	Validity	Valid
bottomline.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-24` - `2022-06-24`	a year	crt.sh
conductor.com Amazon	`2022-03-03` - `2023-04-01`	a year	crt.sh
secure.cave9tape.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.sleeknote.com Amazon	`2022-01-18` - `2023-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
app-ab06.marketo.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.convertize.io Sectigo RSA Domain Validation Secure Server CA	`2022-03-10` - `2023-03-10`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
idio.co R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
static.woopra.com R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-02-14` - `2022-05-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-12` - `2022-04-12`	3 months	crt.sh
luckyorange.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-03-04`	a year	crt.sh
*.choozle.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-21` - `2022-05-21`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
woopra.com R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
*.fullstory.com R3	`2022-02-14` - `2022-05-15`	3 months	crt.sh
settings.luckyorange.com R3	`2022-03-05` - `2022-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www1.bottomline.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
apps02.dnb.com DigiCert SHA2 Secure Server CA	`2022-01-19` - `2022-04-20`	3 months	crt.sh
analytics.sleeknote.com GTS CA 1D4	`2022-03-29` - `2022-06-27`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.driftcdn.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Frame ID: 0CBEC5F43CC191DF21ED95F11F93F8EE
Requests: 111 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 2AD46AB16E4083984D4AC95FC101DA5C
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe
Frame ID: 3D13AFB12DAAC4C9BE93583ACB95E4B7
Requests: 3 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=09df4dc
Frame ID: 493BB47B21F174360C47EF5B564B6151
Requests: 5 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Frame ID: BA52505CBD5815C89F6496CF1BE43CA3
Requests: 1 HTTP requests in this frame

Frame: https://app-ab06.marketo.com/index.php/form/XDFrame
Frame ID: B8571811B707C4F205BF444EBA6D694C
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4175DD4E909ABC0C9F107EDB37780A03
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
Frame ID: 2EC6D518F46389EB60868BEE962DC372
Requests: 35 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
Frame ID: 391E8F8EEE2ED85CF1B3D7D7DB494E5B
Requests: 34 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Frame ID: 1D5B02CDE875C7EEDA348E0ECAE0A22D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bottomline | Insider Fraud In Banks - The Post-Covid Threat Landscape

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Woopra (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.woopra\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

197
Requests

97 %
HTTPS

32 %
IPv6

36
Domains

58
Subdomains

56
IPs

6
Countries

2437 kB
Transfer

7072 kB
Size

42
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.bottomline.com/overview/default.aspx
Title: Investors Overview

Search URL Search Domain Scan URL

URL: https://investors.bottomline.com/overview/#financial-graphs
Title: Financial Results

Search URL Search Domain Scan URL

URL: https://investors.bottomline.com/overview/#analyst
Title: Analyst Coverage

Search URL Search Domain Scan URL

URL: https://investors.bottomline.com/overview/#governance
Title: Governance

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1378034%26time%3D1649100734538%26url%3Dhttps%253A%252F%252Fwww.bottomline.com%252Fus%252Fresources%252Finsider-fraud-banks-post-covid-threat-landscape%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true&e_ipv6=AQKFl7MGQuYtkgAAAX_2EEWtn0vKtmqXLMvVYXu8efWSZCWDP6KiD5SDCuox-SjgCFMv6FHZ

Request Chain 75

https://insight.adsrvr.org/tags/hags91v/ei4lk5t/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe

197 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request insider-fraud-banks-post-covid-threat-landscape Show response
www.bottomline.com/us/resources/ 142 KB
18 KB 485ms
247ms Document
text/html 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

1282c44c427efc83fd575e44459de1dbdd38112cb82b8c97a1a32d57f7e8690f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: none
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 17654
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 19:32:14 GMT
expires: Tue, 05 Apr 2022 00:26:11 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H2 200 application.css
www.bottomline.com/application/themes/rawnet/app/stylesheets/ 200 KB
32 KB 112ms
111ms Stylesheet
text/css 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/application/themes/rawnet/app/stylesheets/application.css?v=20220404150024

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2da48a572044a36bb3915cb59721ebd8cfd3a51632f3ac7f135f53e5f10ddeea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 32346
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 611a6996-dd87-46c1-8144-c6100f79f2a2.js Show response
cdn-cs.conductor.com/ 178 B
617 B 521ms
450ms Script
text/javascript 2600:9000:225e:1c00:12:95e6:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cs.conductor.com/611a6996-dd87-46c1-8144-c6100f79f2a2.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:12:95e6:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ff27dc0162f420aa372eff623121e91d5f732e2625310714efa815f5c561f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: GW8W9WVjt3MAohsJvBa__rG2T7vfBJFr
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jun 2021 19:08:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "9a73d27bfdf1a6a9bbf80a811fc1397a"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: no-cache
date: Mon, 04 Apr 2022 19:32:15 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 178
x-amz-cf-id: bsw2WHi10eT4OR-uwFZNCnC9-bv9wvigWc3HE7nm9y7EwLyNRbQ8jQ==

GET
H2 200 scalpel.js Show response
cdn-cs.conductor.com/ 7 KB
7 KB 11ms
8ms Script
text/javascript 2600:9000:225e:1c00:12:95e6:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cs.conductor.com/scalpel.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:12:95e6:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ebb9b897f55ed59ddf1e303c7eab74c6db109e705bfaa7a2dc6b93ce095b3c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: cmXkYHjITqwsq9AlI5y8ehQQjGWOuTes
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 13:30:59 GMT
server: AmazonS3
age: 57928
etag: "6dfc6e162082ae784a176aee14928d27"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Mon, 04 Apr 2022 03:26:47 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 6804
x-amz-cf-id: qU7TOjXaz5DTYt_dvvnfmVfoOtNizGmFzxPovXoKkpH7gc1EFNzsbA==

GET
H/1.1 200
OK 212347.js Show response
secure.thaw6lily.com/js/ 16 B
448 B 344ms
23ms Script
text/javascript 51.145.21.84
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.thaw6lily.com/js/212347.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.145.21.84 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 668b3dde12ba2c46fd18c8e7270d5f1ede8dfcd29f1a0361c83a4098286e144a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 19:32:14 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: 0
Cache-Control: no-store, must-revalidate
Content-Length: 136
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 logo.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 3 KB
2 KB 222ms
219ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/logo.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

7e901163204b65620c38bbf4dd8a5678a354a26d0067e02f7629c2ce742a9495

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 1428
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 bottomline-white-header.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 3 KB
2 KB 221ms
218ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/bottomline-white-header.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

97df892c59981568a9466da49daa104339eeb3f8c6947b38b9dcada00a93726f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 1609
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 branded-media-right.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 701 B
1 KB 221ms
219ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/branded-media-right.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

327a79e144f3e526e2d743a3e768e34371934b910b7f1526e416d13675de89c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 453
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 BT_blue@2x.png
www.bottomline.com/application/themes/rawnet/app/images/interface/ 1 KB
2 KB 222ms
220ms Image
image/png 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/BT_blue@2x.png

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f5f54175bb5edf8394bd6466dfcc39f198058765a6b8931eb100e7c170829c03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
accept-ranges: bytes
content-length: 1514
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 Themis_Logo_2020.png
d2eu0qnja3p3n3.cloudfront.net/9716/4615/1098/ 15 KB
15 KB 418ms
367ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/9716/4615/1098/Themis_Logo_2020.png
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c6aa602a751bf59150f83ec1bbcde710d6d48985ce1829424b480daf92e68f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: DniiYEjC6Kx.kuNsOh.b.eUxIotPiozf
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 16:11:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "9b182b40f0a22d551358205b66af1c8c"
x-cache: RefreshHit from cloudfront
content-type: image/png
date: Mon, 04 Apr 2022 19:32:15 GMT
content-length: 15044
x-amz-cf-id: R-C6ImXKxt2X2ImeIxHH1aH6RRp67Y3gXckRaf33Q1ZheDouxJgjsg==

GET
H2 200 BT_resource@2x.png
www.bottomline.com/application/themes/rawnet/app/images/interface/book_covers/ 4 KB
5 KB 223ms
221ms Image
image/png 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/book_covers/BT_resource@2x.png

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9b43b554cefb3e260220353d66c1fff02b52fde52340c621ca5bc07da15415d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
accept-ranges: bytes
content-length: 4280
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 footer-curve.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 424 B
990 B 221ms
219ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/footer-curve.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9d71fba23742acdc4f9eda4d74efb43015bb7d10ca8d287657b05b497c02ebbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 295
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 198ms
61ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 12:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 12:14:02 GMT

GET
H2 200 application.js Show response
www.bottomline.com/application/themes/rawnet/app/javascript/ 434 KB
123 KB 124ms
120ms Script
application/x-javascript 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/application/themes/rawnet/app/javascript/application.js?v=20220404150024

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

1df8f89884af76e482f3b299a9a6bea9c72645557d9cea73ea2fa2c265e8b405

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 drift.js Show response
www.bottomline.com/application/themes/rawnet/js/ 1 KB
1 KB 222ms
220ms Script
application/x-javascript 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/application/themes/rawnet/js/drift.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

557e08395a5ca4ed5592738b18e5faa23edd63a0939f7b5233545de268b1bd9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:58:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 580
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 marketo.js Show response
www.bottomline.com/application/themes/rawnet/js/ 591 B
1015 B 221ms
220ms Script
application/x-javascript 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/application/themes/rawnet/js/marketo.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

cabbc928cde8a1e64cf9497d586bdd6e6ad4ba86b07f0494670736cb95c8e6b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:58:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, must-revalidate
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 308
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 485 KB
90 KB 265ms
139ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

111b264be3b5a34a64aca23b9e2d59bec6162e005b01b0a19a958ba820376b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92146
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Apr 2022 19:32:14 GMT

GET
H2 200 39713.js Show response
sleeknotecustomerscripts.sleeknote.com/ 19 KB
3 KB 153ms
121ms Script
text/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/39713.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faba506dba0349736b95b770edec7a4eea32962b2ce0c18316a6cd8c0025e60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: z1Mo2SCvKVSDmVPfzaskNJnviiS2Q6TG
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 15:30:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "21b78bb028f14ab34fa744fed67164a6"
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Mon, 04 Apr 2022 19:32:15 GMT
accept-ranges: bytes
content-length: 2651
x-amz-cf-id: 5RT3inKvJi8ImmNs4gtEM_NGMqXE0Jf5JNwoMdzvB0FluB-eslbuDw==

GET
H2 200 sprite.svg
www.bottomline.com/application/themes/rawnet/app/images/ 6 KB
3 KB 222ms
221ms Other
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/sprite.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

adde2a843bfe6b6ef40f4b0ef88d1a3a6f1f637b3c1056cd8dabb372b4f5c991

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 2074
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v27/ 51 KB
51 KB 273ms
138ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa400cfeb6d1019e0e3d18fd57ded1a50754057af2e5231a6d1ed2bfc5a07a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bottomline.com/
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 21:22:51 GMT
x-content-type-options: nosniff
age: 598163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51992
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:15:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Mar 2023 21:22:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 11 KB
11 KB 318ms
182ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bottomline.com/
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:15:30 GMT
x-content-type-options: nosniff
age: 436604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10996
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 18:15:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
11 KB 206ms
71ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6621200328c67a58e7f049fc077058611d49a8b0462acecdd1f25ef0b20a831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bottomline.com/
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:24 GMT
x-content-type-options: nosniff
age: 324410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11048
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:25:24 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efbc8aa649e3aa51247c8e3510c73fe797e529486a5150641462ace52aaaa672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bb7e74139db0bc9e205af2f1459a595c963c5e3b5528e769d494f555712c539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 164 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887060479e6f06e560832afe204b63f4f89db286966020a48d341481ff8a5846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
11 KB 195ms
125ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b276a3df6dcdcd6c00183988721ddac6786ef8ffbc664e87e8c34dac70ca199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bottomline.com/
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 527026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11132
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 17:08:28 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v27/ 13 KB
13 KB 128ms
59ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

090625522e49ad90e9db9ec649e3da9107fe04e007ec8fe7dcd3674cc415e7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bottomline.com/
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:04:28 GMT
x-content-type-options: nosniff
age: 5266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12800
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 04 Apr 2023 18:04:28 GMT

GET
H2 200 forms2.min.js Show response
app-ab06.marketo.com/js/forms2/js/ 205 KB
68 KB 247ms
33ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/application/themes/rawnet/app/javascript/application.js?v=20220404150024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 4454
etag: "460aa9-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6f6c780acebb9196-FRA
vary: Accept-Encoding
expires: Mon, 04 Apr 2022 23:32:15 GMT

GET
H2 200 chevron.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 239 B
885 B 125ms
121ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/chevron.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

64c416c1d79907969c428deae3f443c880c719d7c3ebc3683d15d9ae45d84778

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 190
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:15 GMT

GET
H2 200 BT-themis-whitepaper-banner.webp
d2eu0qnja3p3n3.cloudfront.net/840x670/jpg/8116/4605/6148/ 28 KB
29 KB 39ms
38ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/840x670/jpg/8116/4605/6148/BT-themis-whitepaper-banner.webp
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f069f27ab73d60c3b99867edc3274e0a3ebc725e1f395e4d7532f5b2ae234b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 10:36:35 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Mon, 28 Feb 2022 13:51:00 GMT
server: AmazonS3
age: 118541
etag: "2f04304ae3af8bbc102f51512d5a5f6f"
x-cache: Hit from cloudfront
x-amz-version-id: Bvzw77JhQG98EWgaBvWJ5OVInsnRoJxE
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
content-type: image/png
content-length: 29158
x-amz-cf-id: mYhcs3FSDE7uCwz10KMeG5m9ObYJyQQr9ygjzibC8PBiM0L2V5LEow==

GET
H2 200 types-of-fraud-mediatext.webp
d2eu0qnja3p3n3.cloudfront.net/630x353/jpg/2716/4615/1052/ 40 KB
40 KB 24ms
23ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/630x353/jpg/2716/4615/1052/types-of-fraud-mediatext.webp
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e7365fd12c640647a7dad70785be67ae8c345d40fe06db1681698f1a9463de5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 10:41:00 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 01 Mar 2022 16:12:06 GMT
server: AmazonS3
age: 118276
etag: "f69c25b5a1a39e659fd286f95305098d"
x-cache: Hit from cloudfront
x-amz-version-id: 4K4tTR_O8kFS2ve15Ny1LiuwzXPxvfAN
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
content-type: image/png
content-length: 40454
x-amz-cf-id: NEip2EHp3UE2eXlk9ZlP04I0CFolX3ShtXYbHfVrtTIIU7e70RDtOw==

GET
H2 200 BT_data_representation-28.webp
d2eu0qnja3p3n3.cloudfront.net/80x105/png/9515/7952/1193/ 2 KB
2 KB 39ms
38ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/80x105/png/9515/7952/1193/BT_data_representation-28.webp
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48b5d240aa0f530c8681d1d886469c6493ae0fdaca7d57ba0b92eaff9ee7c80f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 10:03:28 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jun 2020 13:30:09 GMT
server: AmazonS3
age: 6773328
etag: "13e2cde71ac5e11a9b7b4364cdb47999"
x-cache: Hit from cloudfront
x-amz-version-id: qH3dTAqvw.6e7madgPod75GnwHUF_p3v
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
content-type: image/png
content-length: 1640
x-amz-cf-id: 0kPhvHR2Drd6jMcAeoElYPT0A29bHnxKHGXDFf58l0FPzpANPs8Teg==

GET
H2 200 BT_documentation__messaging-52.webp
d2eu0qnja3p3n3.cloudfront.net/80x105/png/4815/7952/1219/ 1 KB
2 KB 39ms
39ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/80x105/png/4815/7952/1219/BT_documentation__messaging-52.webp
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04f793271da0e8dacca8cacdcb068214bb35b161101d02c4242c6e89ac5a44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 10:16:29 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jun 2020 13:30:09 GMT
server: AmazonS3
age: 119747
etag: "0ea46b560d14494f350d6b27508b5eba"
x-cache: Hit from cloudfront
x-amz-version-id: xV7AeTXnLfhDlhLJsfocHRhTltBOBJ1K
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
content-type: image/png
content-length: 1240
x-amz-cf-id: wEemv-Eo6apCX7v6rpE_H-cTZFRLE6fw-0v1VDKhnn4fhrMG_5SADg==

GET
H2 200 54uv9fyxt7ee.js Show response
js.driftt.com/include/1649100900000/ 230 KB
66 KB 302ms
146ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1649100900000/54uv9fyxt7ee.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/application/themes/rawnet/js/drift.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bad973a62c4f835380e13cab41e2c1f31e353070b361972575a2a075f004aef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: chI38zSfCrp4pO3dxxnfQ0qXrPE8BG0y
content-encoding: gzip
etag: W/"2ecaefc42dd3b3de18b1412573114b86"
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:33:52 GMT
server: nginx
date: Mon, 04 Apr 2022 19:32:15 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BjGqayEW55bwJ4kVFWeinkm-ZIMI0HzqCAtAVLu648chKEuBD7vNcw==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 162ms
7ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/application/themes/rawnet/js/marketo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZ69YE96Q9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad715b7a82804918b62c7d3a62a9c1267511672a64a91f8dd9905bc5b1cf2547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66865
x-xss-protection: 0
expires: Mon, 04 Apr 2022 19:32:15 GMT

GET
H2 200 hotjar-1395637.js Show response
static.hotjar.com/c/ 7 KB
3 KB 140ms
45ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1395637.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

765de1e44c0c171c8a55fd34b7b5fe05434f62b8f052781a04055f96386045f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/ba68d83cbc7c41f0189a8f6ff21ea637
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zQ9PdcQUa3qieL2yT6aGEPcO51IFzrSgGhWhbwW-5JktoXmp7-KUAA==
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 115ms
8ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dc7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32902
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 175ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14881
x-xss-protection: 0
server: cafe
etag: 17469320936275902838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 19:32:15 GMT

GET
H2 200 6787.js Show response
pixel.convertize.io/ 0
174 B 134ms
33ms Script
application/javascript 54.220.54.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.convertize.io/6787.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.54.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-54-122.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
last-modified: Mon, 13 Sep 2021 15:31:00 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
content-length: 0

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/12433/ 28 KB
9 KB 103ms
15ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12433/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 86b8dc2db84bd7a554214d0dcac4d3807276c7c2cc5ce75a298c8c9d74548b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 17:04:03 GMT
server: nginx
etag: W/"6116a603-7013"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 Ei89xrHr4hANrgxJsdOQ Show response
ws.zoominfo.com/pixel/ 778 B
1006 B 298ms
193ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/Ei89xrHr4hANrgxJsdOQ

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d910e3ee339554225ae581d3d13e83beb7ccee06bfcc063fd1594b1c32c736b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6f6c780af9069b1c-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 flow-gallery.min.js Show response
cdn.jsdelivr.net/npm/flow-gallery@latest/dist/ 14 KB
6 KB 164ms
58ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flow-gallery@latest/dist/flow-gallery.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdd32a0cc2ef39c888bb3df1fbf7d268fe84e9c3fff9fc6f14ef25c4a92b0d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35970
x-jsd-version: 0.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA, cache-hhn4081-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"39d2-Z4FHy+Il/DMUZ94tNQtTVA0Z5gI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f6c780af9ad9060-FRA

GET
H2 200 3159.js Show response
js.idio.co/ 27 KB
6 KB 370ms
326ms Script
application/javascript 18.66.112.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.idio.co/3159.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b4ce0ccabdb1ecd0b48a4012e8030ea6feba330f9a8a9f7db421c58159fe467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 02:34:43 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 16:34:22 GMT
server: AmazonS3
age: 61053
etag: W/"4c221ead5f401a5db561a77e54ed8c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: qDALSNID8BJBLsBj4Fnlt2psmDzMV8x8tRNVY0G8BVOmJIY5g0aseg==

GET
H2 200 w.js Show response
static.woopra.com/js/ 35 KB
12 KB 335ms
275ms Script
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.woopra.com/js/w.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 61f7a047ea18784e81e12d1c7815ccd060ed2601fe178eea3cd02bc2028c87aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
age: 67945
x-cache: HIT
content-length: 12465
x-served-by: cache-hhn4061-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 23:29:34 GMT
server: Apache/2.2.15 (Red Hat)
x-timer: S1649100736.520715,VS0,VE0
etag: "21dbc-8d51-5d9d178605fd0"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 varnish
cache-control: public, max-age=86400, proxy-revalidate
accept-ranges: bytes
x-cache-hits: 1727

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 231 KB
70 KB 359ms
38ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cec849442968b066b49995c54e546640f94d0b31f6184d1203bf3e5cb4332b68

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:57:42 GMT
content-encoding: gzip
age: 2073
x-guploader-uploadid: ADPycduNLlkaHXJm8odtfToS-xCyRSueYy7CwOHLG24WIGyS5N8ImaLPvPpRQOVLkwHei0Qm1p3EGcPAYQCWinhCLnD6gZvG72EJ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70851
last-modified: Sat, 02 Apr 2022 15:05:47 GMT
server: UploadServer
etag: "6943cd020a6a276667640f25d7bd7d99"
x-goog-hash: crc32c=MZ+dAQ==, md5=aUPNAgpqJ2ZnZA8l1719mQ==
x-goog-generation: 1648911947746417
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70851
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 04 Apr 2022 19:57:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 272ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: T1pkGRR21xiTVI1rNg9wp9hrA9mVCuTvMD4Lrcr+BG5HdfIjo0MBD3MrSYnAbHINkiCKvj6jhrEzqYwQ+EMIiA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 04 Apr 2022 19:32:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 11 KB
5 KB 401ms
253ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=cb2e97df
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf2a8df3761c722599171ce0c6eec8fa4630e4c04203d4e4f8551a559c880aa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:02:19 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
age: 1797
etag: "63e77f3ff8dd6b9f692060a75e292530"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 4324
x-amz-cf-id: QWvx1p-5Ra04UIF-P27VG_M0z_6HWZPQszZZEKGMQs_e6T0auBT4jA==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 93 KB
37 KB 445ms
68ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-5P2CWQ2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d93da9438e22388a9774be9726cf624eb689b184587c40f05377fcdee593bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37301
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Apr 2022 19:32:15 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1378034%26time%3D1649100734538%26url%3Dhttps%253A%252F%252Fwww.bottomline.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true&e_...

0
264 B

215ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true&e_ipv6=AQKFl7MGQuYtkgAAAX_2EEWtn0vKtmqXLMvVYXu8efWSZCWDP6KiD5SDCuox-SjgCFMv6FHZ
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 65133A9F9B8140B58A960DB2038024D2 Ref B: FRAEDGE0812 Ref C: 2022-04-04T19:32:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXb2S+TXmjh2H9pVgihSA==
x-li-fabric: prod-lor1

Redirect headers

date: Mon, 04 Apr 2022 19:32:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BBB83438A5EF4951BC50676652FE74B4 Ref B: FRAEDGE0822 Ref C: 2022-04-04T19:32:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1378034&time=1649100734538&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&liSync=true&e_ipv6=AQKFl7MGQuYtkgAAAX_2EEWtn0vKtmqXLMvVYXu8efWSZCWDP6KiD5SDCuox-SjgCFMv6FHZ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXb2S+P9UmxGFPp2UAQdg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 31ms
22ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Wed, 13 Jul 2022 19:32:15 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 494ms
66ms Ping
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HZ69YE96Q9&gtm=2oe3u0&_p=1598554301&sr=1600x1200&_gaz=1&ul=en-us&cid=1699349294.1649100735&_s=1&dl=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&dt=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&sid=1649100734&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZ69YE96Q9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bottomline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 231ms
122ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HZ69YE96Q9&cid=1699349294.1649100735&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZ69YE96Q9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bottomline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 235ms
109ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HZ69YE96Q9&cid=1699349294.1649100735&gtm=2oe3u0&aip=1&z=787901993

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ff-2.min.js Show response
cdn-0.d41.co/tags/ 169 KB
169 KB 43ms
11ms Script
application/javascript 18.66.122.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/ff-2.min.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/application/themes/rawnet/app/javascript/application.js?v=20220404150024
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:28:19 GMT
Via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 Nov 2020 18:53:44 GMT
Server: AmazonS3
Age: 243
ETag: "da4912a78302efa0a3cb5d43a88f0e41"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 172705
X-Amz-Cf-Id: ArEZYjM_z7hP3ECwmrIihu_g9rMUr0NTh_ojszF412oEy15ETjIAbg==

GET
H2 200 modules.681b17e679ac939c3f40.js Show response
script.hotjar.com/ 236 KB
62 KB 36ms
8ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.681b17e679ac939c3f40.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1395637.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

c48af1698e6e13a34a137eb360a3e7d0937ba31bd0332eee8af2b2972b49dd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34209
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63051
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 10:02:01 GMT
etag: "3c5b1dac19edd9cdf05d029e575db3b3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zVY5O9iHpXgVw8DosDCTATwFONQNAPFchOffAGoE7tH21pymY2k9Ow==

GET
BLOB 200
OK ef8c7b31-2e23-4945-8b7f-245e62bd13b5
https://www.bottomline.com/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bottomline.com/ef8c7b31-2e23-4945-8b7f-245e62bd13b5
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/flow-gallery@latest/dist/flow-gallery.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d22817007abfad8e597fa2a7427fa4c78bc050d436a9f3dcd7fbc12cfcf7da6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 2233
Content-Type: text/css

GET
H/1.1 204
No Content / Show response
api2963.d41.co/sync/ 0
520 B 486ms
153ms Script
text/plain 54.82.204.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api2963.d41.co/sync/

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.204.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-204-65.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 19:32:15 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
access-control-allow-origin: https://www.bottomline.com
Cache-Control: no-cache, no-store
access-control-allow-credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/12433/ 507 B
649 B 39ms
18ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12433/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12433/code/&publishedOn=Fri%20Aug%2013%2017:04:02%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 73a7e8c46e9b977cf8bb02af02cc6b3136a88725bb92f8d036b8022b22232d9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 507
expires: Mon, 04 Apr 2022 19:32:14 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 2AD4 2 KB
1 KB 64ms
22ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1395637.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-40.fra60.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 5136009
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id: CM2IJIKHr-q_Wd_VmNGTUwZomYYy3CfO3Pb998j81I8u6QOUXzyAuQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 77c8a79c3eceb7286da725c5dad81362.js Show response
nexus.ensighten.com/choozle/12433/code/ 1 KB
869 B 10ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12433/code/77c8a79c3eceb7286da725c5dad81362.js?conditionId0=4891948&conditionId1=4891949
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 992716b0faca93c60ac27cbb7cfa884893074a19f77f9c962882273c3decd468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 18:15:47 GMT
server: nginx
etag: W/"5f874053-5cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 0ee22d19d7821b7fec335bef9914ffde.js Show response
nexus.ensighten.com/choozle/12433/code/ 1 KB
699 B 10ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12433/code/0ee22d19d7821b7fec335bef9914ffde.js?conditionId0=4898977
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 58b7844b7a2286550f8a03b2094b55e4457024ff68e748a76173096cf5c375b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 17:53:13 GMT
server: nginx
etag: W/"602ab509-440"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/12433/code/ 2 KB
558 B 10ms
10ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12433/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 21:29:31 GMT
server: nginx
etag: W/"6074bbbb-746"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK 20683
cs.choozle.com/dp/chz/ 35 B
123 B 778ms
100ms Image
image/gif 34.195.146.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/20683?d=www.bottomline.com&cb=2338467089
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.146.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-146-54.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

POST
H/1.1 200
OK visitWebPage
498-xvr-738.mktoresp.com/webevents/ 2 B
311 B 608ms
106ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://498-xvr-738.mktoresp.com/webevents/visitWebPage?_mchNc=1649100734777&_mchCn=&_mchId=498-XVR-738&_mchTk=_mch-bottomline.com-1649100734776-29086&_mchHo=www.bottomline.com&_mchPo=&_mchRu=%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:16 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 78276d92-5e44-4938-9f31-6768548dfaa2

GET
H3 200 3085532068369073 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 105ms
86ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3085532068369073?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49197ce94967db84e5b1ac6c01e511b4a9f014716548262ad8c493926392d096

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: s5s/zQIts7FoZdf+3ibMWFDr25xpX5TO3U3bv7dlUqQjXIyu0nEj7zUeb4jHFuqYJTsidXXzT2m7AFT723xGpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Apr 2022 19:32:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getForm Show response
app-ab06.marketo.com/index.php/form/ 18 KB
5 KB 496ms
496ms Script
application/javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/index.php/form/getForm?munchkinId=498-XVR-738&form=1974&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&callback=jQuery112409821165912277556_1649100734646&_=1649100734647

Requested by

Host: app-ab06.marketo.com
URL: https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

009a96e114417bf17322807135be2174edbcdfe310653ef7e5f7a6333b921d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=63113904
cf-ray: 6f6c780d6cc29196-FRA
cached: false

GET
H2 200 ia.js Show response
s.idio.co/ 2 KB
2 KB 56ms
3ms Script
application/javascript 18.66.122.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.idio.co/ia.js
Requested by: Host: js.idio.co
URL: https://js.idio.co/3159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd21acbddbfa634e9870ed1b19093b0eb7bbe8636d4de590e2aadb23ead5cb3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 01:02:22 GMT
content-encoding: gzip
etag: W/"46727094ad49ed02b04a5f128b993736"
last-modified: Wed, 05 Aug 2020 11:08:42 GMT
server: AmazonS3
age: 66622
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 1S6q3ZrJD7NtHE1bpUkI0UVCWGIMztPG13uIwxILMJzRbrskFPw2EA==

GET
H2 200 ip.js Show response
s.idio.co/ 12 KB
5 KB 37ms
5ms Script
application/javascript 18.66.122.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.idio.co/ip.js
Requested by: Host: js.idio.co
URL: https://js.idio.co/3159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f8c26695e4fe2f4397e1a08c7b39633b2811b38d9023d42d3be32a27d23caa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:27:50 GMT
content-encoding: gzip
etag: W/"667295c9be42d098b9271c04e336acee"
last-modified: Wed, 05 Aug 2020 11:08:59 GMT
server: AmazonS3
age: 270
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: ror6smnImNoM0_wa0uKPk3RZISngWpjtGy7rijz_U9mq7AstJoahBA==

GET
H2 200 / Show response
www.woopra.com/track/ce/ 67 B
238 B 627ms
143ms Script
text/javascript 162.55.95.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.woopra.com/track/ce/?project=bottomline.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=DO28XznKbsVI&event=pv&timeout=600000&idptnc=aUmcQN7Xiy7t&ce_url=%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&ce_title=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&ce_domain=www.bottomline.com&ce_uri=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&ce_scroll%20depth=0.2746623941405356&ce_returning=false
Requested by: Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.95.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.95.55.162.clients.your-server.de
Software: /
Resource Hash: 3e99b129ea61e1f4763a0010353b8b9421c810d6dcf7d85fac4908e78051ec4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 67
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/ 2 KB
2 KB 214ms
76ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940292856/?random=1649100734971&cv=9&fst=1649100734971&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75314d75e825826dcd36270252af82ff7cc9389d5f3b8b9e21564bcc7875170d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976009631/ 2 KB
1 KB 213ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976009631/?random=1649100734974&cv=9&fst=1649100734974&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

089cccb04c5d820119165d353abd55468d8ba3a04be7aa66d44ed8da11de0c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1395637/ 147 B
323 B 118ms
34ms XHR
application/json 34.250.211.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1395637/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.681b17e679ac939c3f40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.211.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-211-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 202 page Show response
rs.fullstory.com/rec/ 51 B
260 B 380ms
118ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

12e440bcb9155cad3dda382b086d353a0f73c4c8da328a534cfa7685a7d88ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bottomline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51

GET
H3 200 cb2e97df Show response
settings.luckyorange.com/ 4 KB
2 KB 143ms
123ms Fetch
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/cb2e97df
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 11130819df2651a950270dd34effe61ed30cd8efca4f3fed10f13b86d9ac09c9

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bottomline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 200 cb2e97df
settings.luckyorange.com/ Frame 0
0 162ms
117ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/cb2e97df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://www.bottomline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.bottomline.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Apr 2022 19:32:15 GMT
via: 1.1 google

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/ Frame 3D13
Redirect Chain

https://insight.adsrvr.org/tags/hags91v/ei4lk5t/iframe
https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe

138 B
668 B

284ms
10ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12433/code/77c8a79c3eceb7286da725c5dad81362.js?conditionId0=4891948&conditionId1=4891949
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc2db6544bb23b5d49be7fc4221fcd0c704e34c9ca1f28158e74e637cb587b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 57459
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Mon, 04 Apr 2022 03:34:38 GMT
ETag: "3764944266f3b3d592c2532afa0ebd0a"
Last-Modified: Sat, 02 Oct 2021 00:04:51 GMT
Server: AmazonS3
Via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NMwRGnp-aa2ozIecQwkx7AzpqnMVXUVVn8GR-sI_9u_1yZx3eEFC7A==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 19:32:15 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1 200
OK ia.gif
a.idio.co/ 26 B
239 B 415ms
103ms Image
image/gif 35.169.225.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.idio.co/ia.gif?r=&s=0ca4788c-d7f6-4692-823a-87b6e0072921&x%5Bidio_visitor_id%5D%5B0%5D=240bc991-7375-4b6f-8cf3-c96772e89c6f&c=bottomline&d=3159&a=consume&u=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&l=1649100735120&z=0.5327525291517228

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.225.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-225-70.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 26
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/gif

GET
H/1.1 200
OK _filter Show response
api.idio.co/1.0/users/idio_visitor_id:240bc991-7375-4b6f-8cf3-c96772e89c6f/content/ 7 KB
2 KB 516ms
215ms Script
application/javascript 52.72.101.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.idio.co/1.0/users/idio_visitor_id:240bc991-7375-4b6f-8cf3-c96772e89c6f/content/_filter?query=section%3A54%20AND%20-original_url%3A%22https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-and-employee-fraud-solution-simulator%22%20AND%20-original_url%3A%22https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Ffraud-analytics-optimisation%22&include_topics&callback=idio.check0&key=GIZTCTX8ABJJZG62XW87&session[]=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&session[]=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&_method=post&rpp=2&record=pending
Requested by: Host: s.idio.co
URL: https://s.idio.co/ip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.101.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-101-102.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7e3e418e1410f42f7bff7a3c1291eec4764b68afb5717355437912f034fef00f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 1809
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf8

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 48ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3085532068369073&ev=PageView&dl=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&rl=&if=false&ts=1649100735140&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649100735138.1315790175&it=1649100734879&coo=false&exp=p0&rqm=GET

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Apr 2022 19:32:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 139ms
57ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5249
date: Mon, 04 Apr 2022 18:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 20:04:46 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/940292856/ 42 B
108 B 212ms
76ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940292856/?random=1649100734971&cv=9&fst=1649098800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&async=1&fmt=3&is_vtc=1&random=1792071160&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/940292856/ 42 B
64 B 167ms
87ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940292856/?random=1649100734971&cv=9&fst=1649098800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&async=1&fmt=3&is_vtc=1&random=1792071160&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/976009631/ 42 B
548 B 167ms
73ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976009631/?random=1649100734974&cv=9&fst=1649098800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&async=1&fmt=3&is_vtc=1&random=1576741342&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976009631/ 42 B
64 B 153ms
74ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976009631/?random=1649100734974&cv=9&fst=1649098800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&tiba=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&async=1&fmt=3&is_vtc=1&random=1576741342&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 64ms
63ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Apr 2022 19:58:50 GMT

GET
H/1.1 200
OK dnb_coretag_v5.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 10ms
7ms Script
application/javascript 18.66.122.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N62V977
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:29:20 GMT
Via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:39 GMT
Server: AmazonS3
Age: 179
ETag: "13bc1e6c74c25b3098a3b54b58b70b3c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 76038
X-Amz-Cf-Id: vsnrZj42nreIeT10nVGsWKlJ7zI24f3-me4R21SkWif_4SUHbjcecw==

GET
H/1.1 200
OK api Show response
api2963.d41.co/ 55 B
609 B 113ms
111ms Fetch
application/json 54.82.204.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api2963.d41.co/api?req=api2963&form=json&p1=www.bottomline.com&p2=_2Fus_2Fresources_2Finsider-fraud-banks-post-covid-threat-landscape&p3=

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.204.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-204-65.compute-1.amazonaws.com

Software

Resource Hash

24937d7140dbec8f50327bcb6e1cd2c815ddb0b4831ab59b8253ea6838aa8a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 19:32:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/json
access-control-allow-origin: https://www.bottomline.com
Cache-control: no-store
access-control-allow-credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 55
X-XSS-Protection: 1; mode=block

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 90ms
44ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=1807925592&gjid=2119143348&_gid=893360.1649100735&_u=aCDAgEAjQAAAAE~&z=1886917323

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 19:32:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.bottomline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1598554301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&dr=&ul=en-us&de=UTF-8&dt=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjQ~&jid=1807925592&gjid=2119143348&cid=1699349294.1649100735&tid=UA-19605027-4&_gid=893360.1649100735&gtm=2wg3u0N62V977&cg3=Enterprises%20%7C%20White%20paper&z=1414710203

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 17:31:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7246
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 493B 202 KB
61 KB 29ms
8ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=cb2e97df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fd746409a426b94cf372b74e68d7a8db57678a12340b58854439f4c980e0e91

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:00:06 GMT
content-encoding: gzip
age: 16331
x-cache: Hit from cloudfront
content-length: 61596
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:09 GMT
server: AmazonS3
etag: "33ec46a231dc33caae01d09c46ea8289"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: -QHd81LqjgltiaxDqjBwCjrQ7_QldhvvqmqJ-_bWCs_TNAjjDDj5Rg==

GET
H2 200 forms2.css
app-ab06.marketo.com/js/forms2/css/ 13 KB
3 KB 39ms
38ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab06.marketo.com
URL: https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4231
vary: Accept-Encoding
content-length: 2623
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "460aa0-3437-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6f6c7810bbee9196-FRA
expires: Mon, 04 Apr 2022 23:32:16 GMT

GET
H2 200 forms2-theme-simple.css
app-ab06.marketo.com/js/forms2/css/ 826 B
339 B 137ms
135ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-ab06.marketo.com
URL: https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 242
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "5413a9-33a-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6f6c7810bbf19196-FRA
expires: Mon, 04 Apr 2022 23:32:16 GMT

GET
H2 200 main.js Show response
tools.luckyorange.com/integrations/integration-google-analytics/core/ Frame 493B 9 KB
4 KB 12ms
10ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/integrations/integration-google-analytics/core/main.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58d23165b7c2d48e79fdce04d21286450a744fcbb7f046af0403c915edeabb42

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:14:48 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 21:01:42 GMT
server: AmazonS3
age: 1048
etag: W/"162eb9c6e991a0e1ffc2dc808e0b17eb"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: q1CohxdP5FR0YR9xxMgRnSRVe1l0qeAGHmnE2WF6oyElyjIm7sCLQQ==
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame BA52 56 KB
18 KB 13ms
10ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: 6ZC7WvLAfnwVispOqxkS89jm4cIk8ETnn72GzptmEqKHQENO1_k3qw==

GET frame.js
tools.luckyorange.com/core/ Frame 3D13 0
0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 169ms
100ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=1807925592&_u=aCDAgEAjQAAAAE~&z=11151133

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 93ms
93ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=1807925592&_u=aCDAgEAjQAAAAE~&z=11151133

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 3D13 70 B
260 B 36ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=hags91v&ct=0:ei4lk5t&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/hags91v/ei4lk5t/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 downarrow.svg
www.bottomline.com/application/themes/rawnet/app/images/interface/ 148 B
835 B 106ms
105ms Image
image/svg+xml 54.234.2.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bottomline.com/application/themes/rawnet/app/images/interface/downarrow.svg

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/application/themes/rawnet/app/stylesheets/application.css?v=20220404150024

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.234.2.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-2-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

db3ac234d9794b80ae382c7bae640f788ebc790df0238784c0744201b985095d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/application/themes/rawnet/app/stylesheets/application.css?v=20220404150024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 14:57:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
content-security-policy: frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: none
content-length: 140
x-content-type-options: nosniff
expires: Tue, 04 Apr 2023 19:32:16 GMT

GET
H/1.1 204
No Content / Show response
vff2963.d41.co/sync/ 0
520 B 442ms
108ms Script
text/plain 34.234.238.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff2963.d41.co/sync/

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-238-86.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 19:32:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
access-control-allow-origin: https://www.bottomline.com
Cache-Control: no-cache, no-store
access-control-allow-credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v4.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 7ms
7ms Script
application/javascript 18.66.122.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js
Requested by: Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:28:30 GMT
Via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:32 GMT
Server: AmazonS3
Age: 227
ETag: "c5b0d60b7c887bcae6d8897835a15d14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 76079
X-Amz-Cf-Id: uIpUTnQlE70KrS1j92r654HRwfG97SXxwSr9MVlmlUJ89817WLkdlw==

GET
H2 200 XDFrame Show response
app-ab06.marketo.com/index.php/form/ Frame B857 2 KB
862 B 129ms
124ms Document
text/html 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab06.marketo.com
URL: https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d96ea65724ef8698cfd2581855c430a4d3d6b890511f2aa094be8a2f777683b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 6f6c781319009196-FRA
content-encoding: gzip
content-length: 653
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 19:32:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 4175 56 KB
18 KB 16ms
11ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: 30VZrUuuTahbYg1s7VY-Ru6rQMTPqUqN_AOLJjApAs5D_lRh2Jxlqg==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame B857 56 KB
18 KB 13ms
11ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: 5yXw7L9x2BpLosoWFtnS2Ox7Q23b0-X0OamT1jBKqx4yMXvM-wRvyg==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4175 0
17 B 33ms
17ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://www.bottomline.com
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bottomline.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:32:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK c2eeafb9-7fff-40a4-beeb-25dd5952a041 Show response
api.idio.co/1.0/recommendations/ 25 B
259 B 159ms
159ms Script
application/javascript 52.72.101.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.idio.co/1.0/recommendations/c2eeafb9-7fff-40a4-beeb-25dd5952a041?pending=false&_method=patch&key=GIZTCTX8ABJJZG62XW87
Requested by: Host: s.idio.co
URL: https://s.idio.co/ip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.101.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-101-102.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f0174da434c9da57c0541730ddbc365915ba5e0290128ed9c1854fdd7eb4344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 19:32:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 45
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf8

GET
H2 200 BT_security_fraud__risk-156.png
d2eu0qnja3p3n3.cloudfront.net/50x65/4215/7952/1331/ 835 B
1 KB 13ms
10ms Image
image/png 2600:9000:2251:ac00:4:6246:6bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2eu0qnja3p3n3.cloudfront.net/50x65/4215/7952/1331/BT_security_fraud__risk-156.png
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ac00:4:6246:6bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70e67e7659a0cfb92c097aa7f9a5891c8e069040d22152fdb3d5fed0386fad75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 10:34:40 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jun 2020 10:36:30 GMT
server: AmazonS3
age: 896257
etag: "7b73570648221f35d58c3262ee1329bf"
x-cache: Hit from cloudfront
x-amz-version-id: nAXlTWNxT9ei8jfdVFzr9E86kHVJPDR7
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
content-type: image/png
content-length: 835
x-amz-cf-id: TzHZ87zbZEaZKjd7Lsh9xFNgl2U2IHrPFKA0epMA4flaXFKqG-4Ixw==

GET
H2 200 cH
i.idio.co/bottomline/ 2 KB
2 KB 53ms
18ms Image
image/png 13.32.121.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.idio.co/bottomline/cH?h=50&w=50

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-63.fra60.r.cloudfront.net

Software

imgix /

Resource Hash

fb09aacd7db73d06629cb73829b92394ec508d5c038a3a714b8c57c42aa8b6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 10:12:38 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 634591
x-cache: Hit from cloudfront
x-imgix-id: c26e5bcf7e648b169cebe4eca9ad273d4692dba1
content-length: 1950
x-served-by: cache-sjc10083-SJC, cache-fra19139-FRA
last-modified: Mon, 28 Mar 2022 11:15:45 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: E3AP1e6vybLTw2YthFU5-BOz9OFudu89mKXXFBKne8N-dJzvlj8oIg==
cross-origin-resource-policy: cross-origin

GET
H2 200 forms2.min.js Show response
app-ab06.marketo.com/js/forms2/js/ Frame B857 205 KB
68 KB 33ms
32ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab06.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-ab06.marketo.com
URL: https://app-ab06.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app-ab06.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 4455
etag: "460aa9-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6f6c7813faaf9196-FRA
vary: Accept-Encoding
expires: Mon, 04 Apr 2022 23:32:16 GMT

GET
H/1.1 200
OK api Show response
vff2963.d41.co/ 55 B
609 B 111ms
111ms Fetch
application/json 34.234.238.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff2963.d41.co/api?req=vff2963&form=json

Requested by

Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-238-86.compute-1.amazonaws.com

Software

Resource Hash

24937d7140dbec8f50327bcb6e1cd2c815ddb0b4831ab59b8253ea6838aa8a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Apr 2022 19:32:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/json
access-control-allow-origin: https://www.bottomline.com
Cache-control: no-store
access-control-allow-credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 55
X-XSS-Protection: 1; mode=block

GET
H2 200 core Show response
js.driftt.com/ Frame 2EC6 2 KB
1 KB 122ms
122ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1649100900000/54uv9fyxt7ee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c962b520ba17da76a4f38cdfbf1d0142af677566323ac9b263f161eaf6f5425e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 19:32:16 GMT
etag: W/"dc025b2f2a02d66401983e7c39896e99"
last-modified: Mon, 04 Apr 2022 17:33:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-id: opZPSoIfdZTqHuz9sfwMtdjQ0RS5ncpyvJQ_KI_8mry5PyOxRb5WrQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: KPhN9JFm5WdbXoOU6rn6iKKaBZBWD.6b
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 391E 2 KB
1 KB 120ms
119ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1649100900000/54uv9fyxt7ee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c962b520ba17da76a4f38cdfbf1d0142af677566323ac9b263f161eaf6f5425e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 19:32:16 GMT
etag: W/"dc025b2f2a02d66401983e7c39896e99"
last-modified: Mon, 04 Apr 2022 17:33:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-id: HjUDpzUkjoTCtLEqpXz-I6mbtjs9_TLxlZAYuHwXaKCL2ZzjCeoLrQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: KPhN9JFm5WdbXoOU6rn6iKKaBZBWD.6b
x-cache: RefreshHit from cloudfront

GET
H2 200 core-c.js Show response
sleeknotestaticcontent.sleeknote.com/ 3 KB
2 KB 44ms
6ms Script
application/javascript 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/core-c.js
Requested by: Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/39713.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1096d12cbd4a7b08e6c4770e16bf80428c411c61c51ef35f2d7860af68564d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:05:06 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 14:04:51 GMT
server: AmazonS3
age: 19631
etag: W/"be83d226446c7bd8d73711276453ea91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VvXHB80N9bDno8tnqn5tcIST8M5qM8X1
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA60-P3
content-type: application/javascript
x-amz-cf-id: QJl54aXL1KUXipvMeGmg28EBhKUgmzVGqKSGFqpnwgLLfwJQ1iVDzw==

GET
H/1.1 200
OK pd.js Show response
www1.bottomline.com/ 5 KB
2 KB 518ms
106ms Script
application/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.bottomline.com/pd.js
Requested by: Host: www.bottomline.com
URL: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:17 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
last-modified: Mon, 04 Apr 2022 05:15:25 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Wed, 03 Apr 2024 19:32:17 GMT

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 2EC6 56 KB
18 KB 15ms
12ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: W7rZBVNpv2vzwZLtp-DW6k5A69ojjHjTK2996IGup5vb22jka70Q1w==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 391E 56 KB
18 KB 14ms
13ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: RhlU78rAFkiHTHCwCd6W1DFnY-7W61QtDkkYBAc_gVq_9YL2vBU19g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 70ms
70ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1598554301&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&ul=en-us&de=UTF-8&dt=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scroll&ea=Page%3A%20https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&el=Scroll%3A%2025%25&_u=aCDAAEAjQAAAAG~&jid=954069880&gjid=137146818&cid=1699349294.1649100735&tid=UA-19605027-4&_gid=893360.1649100735&_r=1&gtm=2wg3u0N62V977&z=1753470849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bottomline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 package-core-boot.js Show response
sleeknotestaticcontent.sleeknote.com/c/ 113 KB
36 KB 35ms
35ms Script
application/javascript 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/c/package-core-boot.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core-c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 518e2830b9db022e36591ad492a5424318d67a95ba36b4127ff294d1c4a42f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: O9LvVYwM7ROdLRKMFmBCJ0stxZ4aEec.
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 14:04:49 GMT
server: AmazonS3
age: 57
etag: W/"207260466f8c7e38b01a83ad0d0cf817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 04 Apr 2022 19:31:27 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: AVhikBv_85vNplDYiCgdy7zWhfyiNn7BkKN-zsAdKD5SFvdqorHiqA==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 1D5B 56 KB
18 KB 18ms
17ms Script
application/javascript 2600:9000:2490:1a00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=09df4dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1a00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb

Request headers

Referer
Origin: https://www.bottomline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:06:47 GMT
content-encoding: gzip
age: 1530
x-cache: Hit from cloudfront
content-length: 17990
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 17:02:08 GMT
server: AmazonS3
etag: "d187c5fcffefc713d1bd1d063d5e2e66"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: IsSL9pMzBTfM1XL7cSEm1F2A2F0MvPMol19DM5Lf0JFMJ0j6ty71YQ==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 42ms
38ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=954069880&gjid=137146818&_gid=893360.1649100735&_u=aCDAAEAjQAAAAG~&z=325373767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 19:32:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.bottomline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
ff.d41.co/v1/ 12 B
788 B 226ms
156ms XHR
application/json 23.36.163.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.d41.co/v1/init?v=

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

2e5c7b92a4f464afb283fa11dc41795db507c51f36a0b6d23cbf40bdc2d67afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:17 GMT
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1
cache-control: no-cache, no-store, max-age=0
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
expires: 0

GET
H2 200 split-tests.js Show response
sleeknotestaticcontent.sleeknote.com/c/ 4 KB
2 KB 12ms
6ms Script
application/javascript 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/c/split-tests.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core-c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d39b1c963678e3bd5fc2de395b0a8694d304d8181392272e61dd0a175478a060

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: zgstNit6PhfEgMzvFzDrlZZ4wDClBnZs
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 14:04:50 GMT
server: AmazonS3
age: 10
etag: W/"ca051da7eaaf3f2ff6da2950a273187e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 04 Apr 2022 19:32:11 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: H8KGSwpBvOYXFnyM9Eu7-Sh3r3ERWMAdVyKS7IjSDy9HokE7WD8Fug==

GET
H2 200 runtime~main.973ee101.js Show response
js.driftt.com/core/assets/js/ Frame 391E 6 KB
3 KB 10ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7c66748a9c4ec1a5a9b8ce81b903dc60fc0f33e955ecd6b127abd80fbb7085a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:33:42 GMT
content-encoding: gzip
age: 7115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:20:13 GMT
server: nginx
etag: W/"bd5906f53766307872f0235f74299b7c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OpfCYQYfMAd13qNBZfHWtyJDEMieL8Df
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4BQ_DDrE3CTXe3mkuvLNKzWQyppuQlQmOyD4NLdGwzze1ZLVcXB-rg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 58 KB
20 KB 10ms
6ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6463032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zv7Dqx6Zq1tgxrsIqCUXnlKJbWxraOR7_zgXGX6BeTuSQ2fIibhSLQ==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 6 KB
3 KB 10ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q-ZJta8kYN7anLr7_ch916k9G27pUMdkZDsv-8rIi1AI7CseucZZDw==

GET
H2 200 runtime~main.973ee101.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 6 KB
3 KB 11ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7c66748a9c4ec1a5a9b8ce81b903dc60fc0f33e955ecd6b127abd80fbb7085a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:33:42 GMT
content-encoding: gzip
age: 7115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:20:13 GMT
server: nginx
etag: W/"bd5906f53766307872f0235f74299b7c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OpfCYQYfMAd13qNBZfHWtyJDEMieL8Df
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9nwVRYv6pMQE1tS8uA3qoYC0x7i4UDs9ryFHuuIoRHEnmzkF5ps67A==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 58 KB
20 KB 10ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6463032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hhYysT5G1u-BkVjTzcCUNq9nJG6oQMdzKoKdrjkNT-ggxD79ZpwojA==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 6 KB
3 KB 13ms
11ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _1NX1wQaMvlYSQZEYaKe8YHHqN6kLpt4EOJmk0oN1biZl9wi4e4zoQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 101ms
99ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=954069880&_u=aCDAAEAjQAAAAG~&z=84671036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 101ms
100ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19605027-4&cid=1699349294.1649100735&jid=954069880&_u=aCDAAEAjQAAAAG~&z=84671036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 package-tracker.js Show response
sleeknotestaticcontent.sleeknote.com/c/ 12 KB
5 KB 8ms
8ms Script
application/javascript 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/c/package-tracker.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core-c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc33f4d973d22040befe531530957e027f079e88ef121405d20c525cb8461ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: gwdDEeRAU.ayPVlVIlay4gyZ_.z2sQnZ
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 14:04:50 GMT
server: AmazonS3
age: 58
etag: W/"b15270dc7d42ae3593ed3850a2a609a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 04 Apr 2022 19:31:28 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: zAxp_HXE5XAMGen14FlmiPXFdqODwXnUiQoN01n_NjG97Hy5Ogk8sQ==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 47 KB
14 KB 8ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2yz7yGYZZXohyjT6QvU-lnuAj3ujfb8GcfQYkUjd4x6IXzKToi03hw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 44 KB
13 KB 9ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CKHDkz2xmRwhXMUGsuw7GIZFUxHJ4T9tPQGH094MDOTu51mh7QPUMQ==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 25 KB
8 KB 10ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9tWw3Jn-fA5SjNW2q-zk9Ov6vBYm49zdv4uOZX0XIDAztsJAVC1kJw==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 16 KB
5 KB 10ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9xc01RrETDSup6wvh7Dgy0BJ85KSk_UIXSaF3j_HSrBKZDN_QMTD-Q==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 72 KB
22 KB 12ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 7789114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sFGNFeQhGMbAMrdVt4PXliu-HVce6kjrciz6DnLoSD3tcdB296gn3g==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 16 KB
6 KB 12ms
10ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 73J1mckYz6K2lgSy9KY_VLmiaIwu207uS-6Q7cYeBvnlxwDcgTx4Mw==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 59 KB
19 KB 13ms
11ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 8446754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OvQtVKqO553qPTBk5PumVHmcmZT9jyO2jb_BTfDBjZPAcM-E71GHgA==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 91 KB
28 KB 18ms
17ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QHcjm-hAkDgOKHOihqoLHhMhSr5qssalb01qfm5rML6ialrZpWnkww==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 24 KB
7 KB 22ms
20ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6545809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UktPEfbXD5-AfttNIm65_RBbRfpU2FkvqAKuzWbQy7Mb08fa0XjsvQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 62 KB
20 KB 23ms
21ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BfVYPQtTGs_-pE3W2zpJHTagwe0iy9-eWt-j4yPIz1txK9-O6CoTcg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 105 KB
34 KB 24ms
22ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qZPcx1CXmGG8BWiyKrKA4KiCMUEZbw8RpZDF6kenNoOHa9YkJXMqew==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 12 KB
4 KB 27ms
24ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6545809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KCVdPupJn_S_i4FLv62uFIzozLTl0OdKvOywyh7xd9Bp2z-DFmWfwg==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 12 KB
5 KB 27ms
24ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dGDopPwQWK9MmTbySUTcC6UchxwJeFw7wxVEOvOT_U-Ku-PT7abjpA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 17 KB
7 KB 28ms
25ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7A-dZDx_h4T0MxWetFTYULd2WLQMB6m2Gz8dhoxCQ5KBzOZrTimk8g==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 11 KB
3 KB 28ms
25ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rFls0DbNkrhxzASfs94YYq6wIOqJEmbsYDvosczck2juipZPzJVu8Q==

GET
H2 200 8.dff1772e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 70 KB
22 KB 31ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.dff1772e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9c95b9cb9c1837ed5e0575784d1843bd56007c3b697380440a1e7aa7a108c767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 19:03:09 GMT
content-encoding: gzip
age: 260948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:24 GMT
server: nginx
etag: W/"d7c7c593bd6b1bc01f5b1be97f24d4cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gNbA3RYm3LHWJd1VZE8ZjXEuEJLeMigc
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kStGisH5KZu73PJbFNvAiUmXNjF7tp53SGuBzEG06lm4Mt4uZFbY_Q==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 24 B
666 B 30ms
27ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dQnwri2Zp3Li7AyZlwruGGxkVeSt6whJtYdVlnmEx-7qpLDyp21plw==

GET
H2 200 15.78f0dcc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 75 KB
19 KB 30ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.78f0dcc0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e4cc79944b238c5f144d21312d00500fefe5c417f60a772c8d24b72f7f39403b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:37:08 GMT
content-encoding: gzip
age: 21309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 13:32:13 GMT
server: nginx
etag: W/"f9398455cfeacc19f27d719b40aae603"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HAbyiUhLAGngfCFwgi_s791Is934cNuN
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gmDY3y9uFMCU0Ovsjs9r9EhhHtO4HXvn3dml34_2JBa8F1M3UXv9-g==

GET
H2 200 22.f9842666.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 47 KB
13 KB 36ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.f9842666.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:21 GMT
content-encoding: gzip
age: 1735016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"84aab2b92fbe097cc233d28cfcd07e34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LZQ6YnfxwWPmLHYvRvBjoWQTnbWuCnmB9RlFLyjnbsLuqOGzy2xKoA==

GET
H2 200 13.bdd51afd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 41 KB
13 KB 38ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.bdd51afd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

89c1e33fd438566caa3c64829677630e11c7e1e69bfd0157b7f3adaf47c5a088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:33:42 GMT
content-encoding: gzip
age: 7115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:20:10 GMT
server: nginx
etag: W/"dabb668a19331983eee660bee802ac7c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _0nY6T3RGZcGOjEDmiOHsSHnEAzaisT9
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E36VUSQJLGsQbBQAAAvomayq9bEMPKwRyD9Ssby2gCAXGEJJyqkS5A==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 47 KB
14 KB 33ms
13ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: drn7IvSyTAYMHt7lnSq26Dr3kKYaN4QSCXFsULeYT2ALztWmHYSpPw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 44 KB
13 KB 34ms
13ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ugvv7OHjQSKRJMEpZX5xrOGCbqgykDFmTyfis_mnAT-lrn_u89Os8A==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 25 KB
8 KB 34ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zoPPT-vlJC3TeLoWDnzfP72HUfZ8UzdUl2fM4AU9b47DQ4_5NEHgDA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 16 KB
5 KB 35ms
15ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tnksUrYI1ULlaa6I0O6ddgNj8YIwBGbDSlLo_POKzD1BQH-Au8TVYA==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 72 KB
22 KB 35ms
16ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 7789114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qk6SH-fRI2lS-LQc2p6KzDWD9Y2wz-2Cr9QqVBF-sBo8o8xmUwPsaQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 16 KB
6 KB 41ms
21ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8VKpeuehl6dduzN7g9HIG0-qHvq26FaMz2L68qnJaQnlFrCZ4vaGmQ==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 59 KB
19 KB 42ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 8446754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 07yfYVK2IP7dEnqqSIS-DX8kn2kaztrjNtQZDYibf5RJBU7HoLOdUQ==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 91 KB
28 KB 45ms
26ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1iEPl87u4TjWsux4gimYLKfmf8jStBUXl-eHTMFn8Ez18idf_QQjbQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 24 KB
7 KB 46ms
27ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6545809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kj2BxtuyfyA8H_zD94ap0CvCRXM_rAqpGouztIdfE_yk99oukYnlWQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 62 KB
20 KB 47ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UvZNUJ4O-_deKqFTEU2rlDBiCjoGYWPnJZDBcGNyruTSOejrpDnANg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 105 KB
34 KB 51ms
32ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1833836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -6IWOi8-iHv6ELSr--mGvoeutZnIJNpy9ByiR04dD7I00seW2B4MBg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 12 KB
4 KB 52ms
27ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6545809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: phwTeYrfwWz7IpZpV-z6gCzemcaS62KGixa4JcjkN6FgchIEvBy0gA==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 12 KB
5 KB 53ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mBjJErK-a-GbGAHMNKjCMp3PzFcsouA_ptKQL9C17QOIzGfS4OG-9w==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 17 KB
7 KB 54ms
29ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T1NXdJoTkckDLSjoOKOe3MYAFOVusdoaIIr0Yp7MPHZcsQVyXMh0Fg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 2EC6 11 KB
3 KB 50ms
25ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mJzIX73NkZCXzXaTX_aFSMeURlJN7rP0iPmmedUFFlNVOdQWbrjlRA==

GET
H2 200 8.dff1772e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 70 KB
22 KB 54ms
30ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.dff1772e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9c95b9cb9c1837ed5e0575784d1843bd56007c3b697380440a1e7aa7a108c767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 19:03:09 GMT
content-encoding: gzip
age: 260948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:24 GMT
server: nginx
etag: W/"d7c7c593bd6b1bc01f5b1be97f24d4cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gNbA3RYm3LHWJd1VZE8ZjXEuEJLeMigc
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GXRzHWeXxim5AJDIBJLD8wPULeh6Ptrnn_hZ1MvS6HrTleT1JRgANg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 2EC6 24 B
666 B 51ms
26ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
age: 7789116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _9QS7zpmFaZnShSctcDl05LizTm617hjiBmYpRqSLQdpOgP-uWJ9Eg==

GET
H2 200 15.78f0dcc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 75 KB
19 KB 59ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.78f0dcc0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e4cc79944b238c5f144d21312d00500fefe5c417f60a772c8d24b72f7f39403b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:37:08 GMT
content-encoding: gzip
age: 21309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 13:32:13 GMT
server: nginx
etag: W/"f9398455cfeacc19f27d719b40aae603"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HAbyiUhLAGngfCFwgi_s791Is934cNuN
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6UDEqTqL-mMk63V85vOvPGrJqo0e9Wi5KNXkQb2JcKinsOKrrQCVCA==

GET
H2 200 22.f9842666.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 47 KB
13 KB 60ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.f9842666.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:21 GMT
content-encoding: gzip
age: 1735016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"84aab2b92fbe097cc233d28cfcd07e34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oj8MGn1KHgmR6yItekbiCFu5kNAxSLI5wM2tPzbMtpjlRO5Mz_r_nQ==

GET
H2 200 13.bdd51afd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 41 KB
13 KB 68ms
44ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.bdd51afd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

89c1e33fd438566caa3c64829677630e11c7e1e69bfd0157b7f3adaf47c5a088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:33:42 GMT
content-encoding: gzip
age: 7115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:20:10 GMT
server: nginx
etag: W/"dabb668a19331983eee660bee802ac7c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _0nY6T3RGZcGOjEDmiOHsSHnEAzaisT9
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6RX7AAkPKFGs_BgdJSl6t9v1wNBKgojV6XiQOW9HiDU9w-TM_lX2jg==

GET
H2 200 /
analytics.sleeknote.com/ 35 B
229 B 88ms
32ms Image
image/gif 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?v8=2_pageview&v0=f4286a97dbbaec4d5a0c3f943d6e1bcd&v3=2022-04-04T19%3A32%3A16Z&v6=2022-04-04T19%3A32%3A16Z&v20=true&v25=true&v27=0&s4=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&s9=https%3A&s11=%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&s12=&s13=&s2=Bottomline+%7C+Insider+Fraud+In+Banks+-+The+Post-Covid+Threat+Landscape&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.60+Safari%2F537.36&v22=chrome&v23=100&v24=windows&v26=desktop&v21=e1d7f65f-c8cf-4887-b780-80ee9a2a1709&s1=39713&s3=www.bottomline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:17 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 3 KB
1 KB 10ms
9ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lWIsaWCoJRanzp0KptVjKPQ1ltiL5aMn_b84HaF9Opxl2PHXT5YamQ==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 3 KB
2 KB 10ms
10ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 6391601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1vEjRTL2550aZwdETTJ_EY7ZWokyP2KEP2ZQ7dV1Ng3Pqk4A-bEpSQ==

GET
BLOB 200
OK 397d1602-d64b-4893-bd7c-195f21c1edec
https://www.bottomline.com/ Frame 493B 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bottomline.com/397d1602-d64b-4893-bd7c-195f21c1edec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 9cb4a595-c2c1-48fe-800a-e9ef279ec3b6
https://www.bottomline.com/ Frame 493B 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bottomline.com/9cb4a595-c2c1-48fe-800a-e9ef279ec3b6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa08c6950c457a969f6339da91c3228b327d7e20089ffe4d10ed9427b953f3a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 22873

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 9 KB
3 KB 9ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oH9HFqX_Uu8r1rZd0BB19S5X7qIJDYX5VUTBuM4yLOeG8NMf3xgAzw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 33 KB
10 KB 14ms
12ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uIvz3moHmGDn2g6sKhhsKMUFVtxztfCsocttPvcaL447FYpB8D6FaQ==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 2EC6 8 KB
2 KB 16ms
13ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:12:42 GMT
content-encoding: gzip
age: 2762375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 19:35:45 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nIQWP_TNHXf6VKMh1KLKq0CMzjnrVBjf
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eMK4jWp1-IU6lT6k3mIbeyNmI9uyFeKOInp4LnBiRyduiCjPPXpiDw==

GET
H2 200 25.13d11617.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 12 KB
5 KB 16ms
13ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.13d11617.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9e92f9ea0db38a6487f6588e962ed6a06e478237173eca4d0e45b8fe7b86112a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1735015
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"7cedab80631abf72e0de1939789e9982"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o7tckVqeYvUaD8_hBcoukPgLK9HumXku
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e0nLiuxLIHT0EuSCZya5TWfOBevGSPv9q50_XOBDrM7DqfHrChdnjA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 2EC6 365 B
1008 B 17ms
14ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mi7kQKoaUj5-GG-G3z1c_AaN5JoJDbtKUMYXUCzXxgS5LqS--hS8SQ==

GET
H2 200 19.cbd00f6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2EC6 85 KB
24 KB 15ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.cbd00f6b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=54uv9fyxt7ee&region=US&forceShow=false&skipCampaigns=false&sessionId=7634e7cc-31e7-4165-948c-51d4827932aa&sessionStarted=1649100736.178&campaignRefreshToken=415bd51f-1f4b-465c-9cb5-46eafe053ce1&hideController=false&pageLoadStartTime=1649100733639&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1735015
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"e5d01e169fc99a46f4cbb5ef34e481c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WWKq4EyTp5AxwFncXlaQBYSiy4CobYNg
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kVpuK3CwbplousIGoYJjIF0zyV8CnY7BFk6XdEKyBZsZiEIEdL7Bog==

GET
BLOB 200
OK 7643bde3-b17f-413b-9b23-5b406dadbbd4
https://www.bottomline.com/ Frame 493B 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bottomline.com/7643bde3-b17f-413b-9b23-5b406dadbbd4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa08c6950c457a969f6339da91c3228b327d7e20089ffe4d10ed9427b953f3a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 22873

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 9 KB
3 KB 24ms
18ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JUFPGMEjk9VflQN-ke1FaZM2LCMDjMpAMF7D8Gs677G0Czyth6j_rg==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 7 KB
2 KB 27ms
20ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4wSvzM06VsrJ2lBUlbymw_r0h7-11W2r0d7Yq_oGppovIvI2m2OjBg==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 54 KB
16 KB 29ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7789115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AtrMR-Of_7aADiKSiydXiv0FCvrndU7gkMnqF-1_5GiODcLLSzw1ww==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 43 KB
7 KB 27ms
21ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:51:52 GMT
content-encoding: gzip
age: 1575625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 13:34:19 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PxBjSXKv2D9iu62R72tGZ7okhSAARqe8
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aGoKKO3XtkDy7Gl7YOKe9fLhoiFSkE_mtsrUMOjbWg6TUF9eU024mA==

GET
H2 200 1.43135c2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 73 KB
25 KB 30ms
24ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.43135c2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

60f11b592e3cdd09a585b2282b2075d0bb7966d07b82348c8b3ccb501c63a288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:33:42 GMT
content-encoding: gzip
age: 7114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 17:20:09 GMT
server: nginx
etag: W/"babca985c66662a5953e03fb0cb46e22"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .J2YAlQGWVv4nG4qatVuUfEa2y6k.WVB
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uvltpnVhedPq23Eei9u8YL5KDK_54uD0bkFY06PDu_vSd3KQTgUXSg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 391E 12 KB
3 KB 27ms
22ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 5109437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qFSBy4qMknYmrO5HZW3q2IidvcKFVGdFHpkk-AuhmPv09jJd4fqKrg==

GET
H2 200 30.304d4bf2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 391E 11 KB
5 KB 34ms
30ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.304d4bf2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.973ee101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1649100733639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1735015
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NMIjSc_O1m0oYNrwPiID10ULv1PB3Qyi
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4HkUUmL8OpLb69eZDEOml1lXd_2TUvDkWUNT8PQNdPui_3Gghv2GEw==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 332ms
101ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 04 Apr 2022 19:32:17 GMT
requestid: drift42d18084affb338739d7fc19399
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 2EC6 25 B
122 B 110ms
110ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Apr 2022 19:32:17 GMT
server: istio-envoy
requestid: 638a70d0cf2ee24c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 2EC6 147 B
245 B 99ms
99ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a6045c3f0068c427620700ef546c824c774a4ea1ca64bc90e4c2e99c71cd4bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Apr 2022 19:32:17 GMT
server: istio-envoy
requestid: 9a157d4d7e57c6ba
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 306ms
100ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 04 Apr 2022 19:32:17 GMT
requestid: driftc738504416a971b16b57e335814
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK analytics Show response
www1.bottomline.com/ 1 KB
2 KB 324ms
322ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.bottomline.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=12082&title=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&referrer=
Requested by: Host: www1.bottomline.com
URL: https://www1.bottomline.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 9906d30012fcb4c191d6815e2ff3fd542a5c1c5df93ac82d2fe89f06633fa994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:17 GMT
content-encoding: gzip
X-Pardot-Route: eb06fc631066edc75188604bf4f20e9d
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 548
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 50 B
1 KB 531ms
220ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?conly=true&visitor_id=612012917&visitor_id_sign=693adb48dbfca3582dac7885f66c31ca8d8bc5cdef6556232b5a0756f25b05f895449aedf2021df09f13aef9cba3a5f1da73fbc8&pi_opt_in=&campaign_id=108216&account_id=12082&title=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&referrer=

Requested by

Host: www1.bottomline.com
URL: https://www1.bottomline.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=12082&title=Bottomline%20%7C%20Insider%20Fraud%20In%20Banks%20-%20The%20Post-Covid%20Threat%20Landscape&url=https%3A%2F%2Fwww.bottomline.com%2Fus%2Fresources%2Finsider-fraud-banks-post-covid-threat-landscape&referrer=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-3-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 19:32:18 GMT
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 54uv9fyxt7ee.json Show response
embeds.driftcdn.com/embeds/ Frame 2EC6 159 KB
22 KB 421ms
405ms XHR
application/json 13.32.99.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/54uv9fyxt7ee.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 547c894fe635cb5d3ed946017eae558cc161556fcbb932f839caff01d0a9ae50

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:32:19 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 19:25:40 GMT
server: AmazonS3
etag: W/"5066d93a2f0cdf6fee58713deeb7d242"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: tivtHo96LHuBLLomo-3K6T6vptF8_oKha7BsoI8ogTbxjpsboPQ4wQ==

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 103ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 04 Apr 2022 19:32:19 GMT
requestid: drift23486324c98a7c34a38ad26098f
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 2EC6 25 B
88 B 117ms
117ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Apr 2022 19:32:19 GMT
server: istio-envoy
requestid: fcafac4df03893ef
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/frame.js?v=09df4dc

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bottomline.com/	1970-01-20 04:14:36	Name: _gcl_au Value: 1.1.1649694824.1649100734
.app-ab06.marketo.com/	1970-01-20 02:05:02	Name: __cf_bm Value: Df_zA9UcUDFmdFadd__V5nVcEgIjSjzVnZxUEnb9cVs-1649100735-0-Ae8IxKgGbm99p/6gruz2ix5+T35a5OLesds3LHi3XB5CE4zQ8xazxsaDnSCnlVNSxAjDzJVOuK/Vue+u7XnxiJc=
.bottomline.com/	1970-01-20 19:36:12	Name: _ga_HZ69YE96Q9 Value: GS1.1.1649100734.1.0.1649100734.60
.ws.zoominfo.com/	1970-01-20 10:50:36	Name: visitorId Value: 7fd3bf691d3ecfe10c15072431debb2d7520a31c709b8fc039b7d115d6b31a08
.bottomline.com/	1970-01-20 19:36:12	Name: _mkto_trk Value: id:498-XVR-738&token:_mch-bottomline.com-1649100734776-29086
.linkedin.com/	1970-01-20 02:48:12	Name: UserMatchHistory Value: AQITBVWh0Z8-qwAAAX_2EEPzpVd2ivCkZ8NWdaUpyArLZ4DScIDKWsecsBB1lPj8OG00e-EQzr8T4g
.linkedin.com/	1970-01-20 02:48:12	Name: AnalyticsSyncHistory Value: AQIGhbv8L8k9ggAAAX_2EEPzpM6JR0vhQsVTbPRbdQ-v7C7INxylIHOy7imOIFVnYfBWmVxQS9qNhdIwjbH7Aw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:36:54	Name: bcookie Value: "v=2&b7174574-a314-4db9-80be-90671da2e7ad"
.linkedin.com/	1970-01-20 02:06:27	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2594:u=1:x=1:i=1649100735:t=1649187135:v=2:sig=AQF6CZkiisIVHaNPqkgBRJMjINqEcMfX"
.bottomline.com/	1970-01-20 19:36:12	Name: wooTracker Value: DO28XznKbsVI
.bottomline.com/	1970-01-20 10:50:36	Name: _hjSessionUser_1395637 Value: eyJpZCI6IjgyZmFmNGIxLTIwOTUtNWQ3Yi1iMzhhLWU2YTgxMTBiYTg4OCIsImNyZWF0ZWQiOjE2NDkxMDA3MzQ5NTIsImV4aXN0aW5nIjpmYWxzZX0=
.bottomline.com/	1970-01-20 02:05:02	Name: _hjFirstSeen Value: 1
www.bottomline.com/	1970-01-20 02:05:00	Name: _hjIncludedInSessionSample Value: 0
.bottomline.com/	1970-01-20 02:05:02	Name: _hjSession_1395637 Value: eyJpZCI6IjBiOGFmMjk1LTg2MDAtNDQ0MS05ZDA0LWFmODA5MzIxYWVkZSIsImNyZWF0ZWQiOjE2NDkxMDA3MzQ5NzgsImluU2FtcGxlIjpmYWxzZX0=
www.bottomline.com/	1970-01-20 02:05:00	Name: _hjIncludedInPageviewSample Value: 1
.bottomline.com/	1970-01-20 02:05:02	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:36:54	Name: bscookie Value: "v=1&20220404193215a5f70645-f6c4-41bf-8016-fc166c7925b9AQHp-oxnhEEClJZGxHtiTFK5W9eUTccU"
.linkedin.com/	1970-01-20 19:27:41	Name: li_gc Value: MTswOzE2NDkxMDA3MzU7MjswMjGyjIJOmZ8IJtm0UO8lblqZM0n3KXXAjzuT2qGK9FDqIQ==
.bottomline.com/	1970-01-20 02:05:02	Name: is Value: 0ca4788c-d7f6-4692-823a-87b6e0072921
.bottomline.com/	1970-01-20 19:36:12	Name: iv Value: 240bc991-7375-4b6f-8cf3-c96772e89c6f
.bottomline.com/	1970-01-20 04:14:36	Name: _fbp Value: fb.1.1649100735138.1315790175
.doubleclick.net/	1970-01-20 02:05:01	Name: test_cookie Value: CheckForPermission
.bottomline.com/	1970-01-20 19:36:12	Name: _ga Value: GA1.2.1699349294.1649100735
.bottomline.com/	1970-01-20 02:06:27	Name: _gid Value: GA1.2.893360.1649100735
.bottomline.com/	1970-01-20 02:05:00	Name: _dc_gtm_UA-19605027-4 Value: 1
.bottomline.com/	1970-01-20 19:37:39	Name: lo-uid Value: cb2e97df-1649100736004-df657b5a00ada2c3
.bottomline.com/	1970-01-20 19:37:39	Name: lo-visits Value: 1
www.bottomline.com/	1970-01-20 02:05:02	Name: drift_campaign_refresh Value: 415bd51f-1f4b-465c-9cb5-46eafe053ce1
.bottomline.com/	1970-01-20 02:05:00	Name: _gat_UA-19605027-4 Value: 1
www.bottomline.com/	1969-12-31 23:59:59	Name: SNS Value: 1
www.bottomline.com/	1970-01-20 10:50:36	Name: _sn_m Value: {"r":{"n":1}}
www.bottomline.com/	1970-01-20 10:50:36	Name: _sn_n Value: {"a":{"i":"e1d7f65f-c8cf-4887-b780-80ee9a2a1709"}}
www.bottomline.com/	1970-01-20 10:50:36	Name: _sn_a Value: {"a":{"s":1649100736424,"l":"https://www.bottomline.com/us/resources/insider-fraud-banks-post-covid-threat-landscape"},"v":"63a148c2-84d1-418a-8336-13ccc9d78e64"}
www1.bottomline.com/	1970-01-23 17:41:00	Name: visitor_id11082 Value: 612012917
www1.bottomline.com/	1970-01-23 17:41:00	Name: visitor_id11082-hash Value: 693adb48dbfca3582dac7885f66c31ca8d8bc5cdef6556232b5a0756f25b05f895449aedf2021df09f13aef9cba3a5f1da73fbc8
www1.bottomline.com/	1970-01-20 02:05:02	Name: lpv11082 Value: aHR0cHM6Ly93d3cuYm90dG9tbGluZS5jb20vdXMvcmVzb3VyY2VzL2luc2lkZXItZnJhdWQtYmFua3MtcG9zdC1jb3ZpZC10aHJlYXQtbGFuZHNjYXBl
www.bottomline.com/	1970-01-23 17:41:00	Name: visitor_id11082 Value: 612012917
www.bottomline.com/	1970-01-23 17:41:00	Name: visitor_id11082-hash Value: 693adb48dbfca3582dac7885f66c31ca8d8bc5cdef6556232b5a0756f25b05f895449aedf2021df09f13aef9cba3a5f1da73fbc8
.pardot.com/	1970-01-23 17:41:00	Name: visitor_id11082 Value: 612012917
.pardot.com/	1970-01-23 17:41:00	Name: visitor_id11082-hash Value: 693adb48dbfca3582dac7885f66c31ca8d8bc5cdef6556232b5a0756f25b05f895449aedf2021df09f13aef9cba3a5f1da73fbc8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://login.dvci.uk.pt-x.com https://login.dvqa.uk.pt-x.com https://login.uat.uk.pt-x.com https://login.go.pt-x.com https://dvci.uk.pt-x.com https://login.demo.uk.pt-x.com https://login.cat.uk.pt-x.com https://login.vf.pt-x.com http://localhost:9999 https://secure.emandates.co.uk https://uat.emandates.co.uk https://datamart.emandates.co.uk https://sandbox.emandates.co.uk https://demonstration.emandates.co.uk;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

498-xvr-738.mktoresp.com
a.idio.co
ajax.googleapis.com
analytics.google.com
analytics.sleeknote.com
api.idio.co
api2963.d41.co
app-ab06.marketo.com
bootstrap.api.drift.com
cdn-0.d41.co
cdn-cs.conductor.com
cdn.jsdelivr.net
connect.facebook.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
d2eu0qnja3p3n3.cloudfront.net
edge.fullstory.com
embeds.driftcdn.com
ff.d41.co
fonts.gstatic.com
googleads.g.doubleclick.net
i.idio.co
in.hotjar.com
insight.adsrvr.org
js.driftt.com
js.idio.co
metrics.api.drift.com
munchkin.marketo.net
nexus.ensighten.com
pi.pardot.com
pixel.convertize.io
px.ads.linkedin.com
px4.ads.linkedin.com
rs.fullstory.com
s.idio.co
script.hotjar.com
secure.thaw6lily.com
settings.luckyorange.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.sleeknote.com
snap.licdn.com
static.hotjar.com
static.woopra.com
stats.g.doubleclick.net
tools.luckyorange.com
vars.hotjar.com
vff2963.d41.co
ws.zoominfo.com
www.bottomline.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.woopra.com
www1.bottomline.com
tools.luckyorange.com
104.111.234.67
104.16.95.80
13.107.42.14
13.32.121.63
13.32.99.18
13.32.99.60
13.32.99.74
142.250.184.226
151.101.129.91
162.55.95.216
18.195.42.228
18.66.112.118
18.66.112.62
18.66.122.76
18.66.122.85
18.66.123.144
18.66.139.40
18.66.97.37
192.28.144.124
216.239.34.21
23.36.163.234
2600:9000:2251:ac00:4:6246:6bc0:21
2600:9000:225e:1c00:12:95e6:ac80:93a1
2600:9000:2490:1a00:18:6c16:27c0:93a1
2606:4700::6810:5614
2606:4700::6810:a852
2620:1ec:21::14
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9a
2a02:26f0:3500:7::17d8:4dc7
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.94.218.138
34.107.203.234
34.195.146.54
34.234.238.86
34.250.211.64
35.169.225.70
35.174.150.168
35.186.194.58
35.201.112.186
50.16.7.188
51.145.21.84
52.222.236.122
52.223.40.198
52.72.101.102
54.220.54.122
54.234.2.175
54.82.204.65
009a96e114417bf17322807135be2174edbcdfe310653ef7e5f7a6333b921d8d
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
089cccb04c5d820119165d353abd55468d8ba3a04be7aa66d44ed8da11de0c21
090625522e49ad90e9db9ec649e3da9107fe04e007ec8fe7dcd3674cc415e7ce
0b4ce0ccabdb1ecd0b48a4012e8030ea6feba330f9a8a9f7db421c58159fe467
0d93da9438e22388a9774be9726cf624eb689b184587c40f05377fcdee593bb0
0e7365fd12c640647a7dad70785be67ae8c345d40fe06db1681698f1a9463de5
0f8c26695e4fe2f4397e1a08c7b39633b2811b38d9023d42d3be32a27d23caa2
1096d12cbd4a7b08e6c4770e16bf80428c411c61c51ef35f2d7860af68564d13
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11130819df2651a950270dd34effe61ed30cd8efca4f3fed10f13b86d9ac09c9
111b264be3b5a34a64aca23b9e2d59bec6162e005b01b0a19a958ba820376b2d
1282c44c427efc83fd575e44459de1dbdd38112cb82b8c97a1a32d57f7e8690f
12e440bcb9155cad3dda382b086d353a0f73c4c8da328a534cfa7685a7d88ba7
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1df8f89884af76e482f3b299a9a6bea9c72645557d9cea73ea2fa2c265e8b405
24937d7140dbec8f50327bcb6e1cd2c815ddb0b4831ab59b8253ea6838aa8a5e
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2da48a572044a36bb3915cb59721ebd8cfd3a51632f3ac7f135f53e5f10ddeea
2e5c7b92a4f464afb283fa11dc41795db507c51f36a0b6d23cbf40bdc2d67afc
327a79e144f3e526e2d743a3e768e34371934b910b7f1526e416d13675de89c0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e99b129ea61e1f4763a0010353b8b9421c810d6dcf7d85fac4908e78051ec4d
3f069f27ab73d60c3b99867edc3274e0a3ebc725e1f395e4d7532f5b2ae234b9
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
483d48d52e9c2099f1347609a75810acbee2faea45a888a334e2d156f26b74cb
48b5d240aa0f530c8681d1d886469c6493ae0fdaca7d57ba0b92eaff9ee7c80f
49197ce94967db84e5b1ac6c01e511b4a9f014716548262ad8c493926392d096
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4b276a3df6dcdcd6c00183988721ddac6786ef8ffbc664e87e8c34dac70ca199
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4f0174da434c9da57c0541730ddbc365915ba5e0290128ed9c1854fdd7eb4344
518e2830b9db022e36591ad492a5424318d67a95ba36b4127ff294d1c4a42f97
52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183
547c894fe635cb5d3ed946017eae558cc161556fcbb932f839caff01d0a9ae50
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
557e08395a5ca4ed5592738b18e5faa23edd63a0939f7b5233545de268b1bd9a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
58b7844b7a2286550f8a03b2094b55e4457024ff68e748a76173096cf5c375b3
58d23165b7c2d48e79fdce04d21286450a744fcbb7f046af0403c915edeabb42
5bb7e74139db0bc9e205af2f1459a595c963c5e3b5528e769d494f555712c539
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5d96ea65724ef8698cfd2581855c430a4d3d6b890511f2aa094be8a2f777683b
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
60f11b592e3cdd09a585b2282b2075d0bb7966d07b82348c8b3ccb501c63a288
61f7a047ea18784e81e12d1c7815ccd060ed2601fe178eea3cd02bc2028c87aa
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
64c416c1d79907969c428deae3f443c880c719d7c3ebc3683d15d9ae45d84778
668b3dde12ba2c46fd18c8e7270d5f1ede8dfcd29f1a0361c83a4098286e144a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720
6ff27dc0162f420aa372eff623121e91d5f732e2625310714efa815f5c561f0f
70e67e7659a0cfb92c097aa7f9a5891c8e069040d22152fdb3d5fed0386fad75
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73a7e8c46e9b977cf8bb02af02cc6b3136a88725bb92f8d036b8022b22232d9b
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
75314d75e825826dcd36270252af82ff7cc9389d5f3b8b9e21564bcc7875170d
765de1e44c0c171c8a55fd34b7b5fe05434f62b8f052781a04055f96386045f3
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
7c66748a9c4ec1a5a9b8ce81b903dc60fc0f33e955ecd6b127abd80fbb7085a7
7e3e418e1410f42f7bff7a3c1291eec4764b68afb5717355437912f034fef00f
7e901163204b65620c38bbf4dd8a5678a354a26d0067e02f7629c2ce742a9495
7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
86b8dc2db84bd7a554214d0dcac4d3807276c7c2cc5ce75a298c8c9d74548b1b
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
887060479e6f06e560832afe204b63f4f89db286966020a48d341481ff8a5846
89c1e33fd438566caa3c64829677630e11c7e1e69bfd0157b7f3adaf47c5a088
8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8c6aa602a751bf59150f83ec1bbcde710d6d48985ce1829424b480daf92e68f0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fd746409a426b94cf372b74e68d7a8db57678a12340b58854439f4c980e0e91
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97df892c59981568a9466da49daa104339eeb3f8c6947b38b9dcada00a93726f
9906d30012fcb4c191d6815e2ff3fd542a5c1c5df93ac82d2fe89f06633fa994
992716b0faca93c60ac27cbb7cfa884893074a19f77f9c962882273c3decd468
9b43b554cefb3e260220353d66c1fff02b52fde52340c621ca5bc07da15415d8
9c95b9cb9c1837ed5e0575784d1843bd56007c3b697380440a1e7aa7a108c767
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d71fba23742acdc4f9eda4d74efb43015bb7d10ca8d287657b05b497c02ebbb
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca
9e92f9ea0db38a6487f6588e962ed6a06e478237173eca4d0e45b8fe7b86112a
9ebb9b897f55ed59ddf1e303c7eab74c6db109e705bfaa7a2dc6b93ce095b3c5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a6045c3f0068c427620700ef546c824c774a4ea1ca64bc90e4c2e99c71cd4bc1
aa08c6950c457a969f6339da91c3228b327d7e20089ffe4d10ed9427b953f3a3
ad715b7a82804918b62c7d3a62a9c1267511672a64a91f8dd9905bc5b1cf2547
adde2a843bfe6b6ef40f4b0ef88d1a3a6f1f637b3c1056cd8dabb372b4f5c991
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bad973a62c4f835380e13cab41e2c1f31e353070b361972575a2a075f004aef9
bf2a8df3761c722599171ce0c6eec8fa4630e4c04203d4e4f8551a559c880aa7
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c48af1698e6e13a34a137eb360a3e7d0937ba31bd0332eee8af2b2972b49dd49
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
c962b520ba17da76a4f38cdfbf1d0142af677566323ac9b263f161eaf6f5425e
cabbc928cde8a1e64cf9497d586bdd6e6ad4ba86b07f0494670736cb95c8e6b3
cc2db6544bb23b5d49be7fc4221fcd0c704e34c9ca1f28158e74e637cb587b2d
cdd32a0cc2ef39c888bb3df1fbf7d268fe84e9c3fff9fc6f14ef25c4a92b0d2e
cec849442968b066b49995c54e546640f94d0b31f6184d1203bf3e5cb4332b68
d04f793271da0e8dacca8cacdcb068214bb35b161101d02c4242c6e89ac5a44c
d22817007abfad8e597fa2a7427fa4c78bc050d436a9f3dcd7fbc12cfcf7da6a
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d39b1c963678e3bd5fc2de395b0a8694d304d8181392272e61dd0a175478a060
d6621200328c67a58e7f049fc077058611d49a8b0462acecdd1f25ef0b20a831
d910e3ee339554225ae581d3d13e83beb7ccee06bfcc063fd1594b1c32c736b3
db3ac234d9794b80ae382c7bae640f788ebc790df0238784c0744201b985095d
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd21acbddbfa634e9870ed1b19093b0eb7bbe8636d4de590e2aadb23ead5cb3e
de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e4cc79944b238c5f144d21312d00500fefe5c417f60a772c8d24b72f7f39403b
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
efbc8aa649e3aa51247c8e3510c73fe797e529486a5150641462ace52aaaa672
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f5f54175bb5edf8394bd6466dfcc39f198058765a6b8931eb100e7c170829c03
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa400cfeb6d1019e0e3d18fd57ded1a50754057af2e5231a6d1ed2bfc5a07a1e
faba506dba0349736b95b770edec7a4eea32962b2ce0c18316a6cd8c0025e60a
fb09aacd7db73d06629cb73829b92394ec508d5c038a3a714b8c57c42aa8b6d1
fc33f4d973d22040befe531530957e027f079e88ef121405d20c525cb8461ac3

www.bottomline.com Open in urlscan Pro 54.234.2.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

197 Requests

97 %HTTPS

32 %IPv6

36 Domains

58 Subdomains

56 IPs

6 Countries

2437 kBTransfer

7072 kBSize

42 Cookies

4 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bottomline.com Open in urlscan Pro
54.234.2.175 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

97 %
HTTPS

32 %
IPv6

36
Domains

58
Subdomains

56
IPs

6
Countries

2437 kB
Transfer

7072 kB
Size

42
Cookies

197 HTTP transactions
3 data transactions