appriver.com Open in urlscan Pro
199.30.234.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%8...
Effective URL:
https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%8...
Submission: On April 10 via manual (April 10th 2021, 8:47:35 am UTC) from IN

Summary HTTP 162 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 162 HTTP transactions. The main IP is 199.30.234.249, located in United States and belongs to ASN-CUST, US. The main domain is appriver.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 16th 2020. Valid for: 2 years.

This is the only time appriver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	199.30.234.249 199.30.234.249	13380 (ASN-CUST) (ASN-CUST)
1	52.203.96.188 52.203.96.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	52.239.137.4 52.239.137.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:295::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
66	54.192.210.116 54.192.210.116	16509 (AMAZON-02) (AMAZON-02)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.179.11 52.222.179.11	16509 (AMAZON-02) (AMAZON-02)
6	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	3.224.7.114 3.224.7.114	14618 (AMAZON-AES) (AMAZON-AES)
2	100.24.186.63 100.24.186.63	14618 (AMAZON-AES) (AMAZON-AES)
2	52.0.189.149 52.0.189.149	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
162	22

61 199.30.234.249 (United States)

ASN13380 (ASN-CUST, US)
PTR: zix.com

appriver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.96.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-96-188.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.137.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

optanon.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:295::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 54.192.210.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-116.ham50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-11.ham50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.7.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-7-114.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.186.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-186-63.compute-1.amazonaws.com

targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.189.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-189-149.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	driftt.com js.driftt.com	737 KB
61	appriver.com appriver.com	335 KB
11	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	5 KB
4	typekit.net use.typekit.net p.typekit.net	84 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	marketo.net munchkin.marketo.net	7 KB
2	polyfill.io cdn.polyfill.io	754 B
2	windows.net optanon.blob.core.windows.net	21 KB
1	driftcdn.com embeds.driftcdn.com	6 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	86 B
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	bugherd.com www.bugherd.com	724 B
162	17

	Domain	Requested by
66	js.driftt.com	appriver.com js.driftt.com
61	appriver.com	appriver.com
6	metrics.api.drift.com	js.driftt.com
3	use.typekit.net	appriver.com use.typekit.net
3	fonts.googleapis.com	appriver.com js.driftt.com
2	fonts.gstatic.com	fonts.googleapis.com
2	event.api.drift.com	js.driftt.com
2	targeting.api.drift.com	js.driftt.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	munchkin.marketo.net	appriver.com munchkin.marketo.net
2	cdn.polyfill.io	appriver.com
2	optanon.blob.core.windows.net	appriver.com optanon.blob.core.windows.net
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	www.google.de	appriver.com
1	www.google.com	appriver.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	code.jquery.com	optanon.blob.core.windows.net
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	appriver.com
1	www.bugherd.com	appriver.com
162	21

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
support.zixcorp.com
workforcenow.adp.com
account.appriver.com
cp.appriver.com
partnerpower.appriver.com
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.appriver.com DigiCert SHA2 Secure Server CA	`2020-07-16` - `2022-09-21`	2 years	crt.sh
www.bugherd.com R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-03-03` - `2022-03-03`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
Frame ID: A9380540E719AD3C775B99C7C8EAA825
Requests: 87 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
Frame ID: 1546BC7BD2747E3B689C707FC63BEC66
Requests: 36 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: 3595EC86222BAD813CB833C120A4231F
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i
meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

162
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

21
Subdomains

22
IPs

5
Countries

1316 kB
Transfer

3772 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://support.zixcorp.com/
Title: Submit a Ticket

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=1160b267-5cb8-4301-8c38-f24bf00a4d01&ccId=1586553155625989_4900&type=MP&lang=en_US
Title: Careers

Search URL Search Domain Scan URL

URL: https://account.appriver.com/identity/login
Title: Login

Search URL Search Domain Scan URL

URL: https://cp.appriver.com/
Title: Login

Search URL Search Domain Scan URL

URL: https://partnerpower.appriver.com/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://twitter.com/appriver
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/appriver
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/appriver
Title: LinkedIn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

162 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request Cookie set powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6 Show response
appriver.com/resources/blog/january-2020/ 58 KB
61 KB 1079ms
398ms Document
text/html 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

c1b07ba41970108f5bf4ceb68230b11abe4028beedd8134b7e9c9a9e0010eb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: appriver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff nosniff
Cache-Control: must-revalidate, no-cache, private
X-Drupal-Dynamic-Cache: HIT
Link: <https://appriver.com/404-appriver>; rel="canonical" <https://appriver.com/404-appriver>; rel="alternate"; hreflang="en" <https://appriver.com/404-appriver>; rel="revision" <https://appriver.com/404-appriver>; rel="canonical" <https://appriver.com/404-appriver>; rel="alternate"; hreflang="en" <https://appriver.com/404-appriver>; rel="revision"
X-UA-Compatible: IE=edge
Content-language: en
X-Frame-Options: SAMEORIGIN
X-Drupal-Cache-Tags: 4xx-response block_content:773 block_content:774 block_content:775 block_content:776 block_content:777 block_content:778 block_content:786 block_content_view block_view config:block.block.appriver_content config:block.block.appriver_help config:block.block.appriver_local_actions config:block.block.appriver_local_tasks config:block.block.appriver_messages config:block.block.appriveractionsmenu config:block.block.appriverfootermenu config:block.block.appriverlegalmenu config:block.block.apprivermainmenu config:block.block.appriversearch config:block.block.appriversocialmenu config:block_list config:core.entity_view_display.node.page.default config:filter.format.basic_html config:system.menu.appriver-actions-menu config:system.menu.appriver-footer-menu config:system.menu.appriver-legal-menu config:system.menu.appriver-main-menu config:system.menu.appriver-social-menu config:system.site config:user.role.anonymous http_response local_task node:4405 node:4409 node:4423 node:4440 node:4446 node:4447 node:4448 node:4449 node:4450 node:4457 node:4458 node:4460 node:4464 node:4465 node:4467 node:4468 node:4469 node:4470 node:4471 node:4477 node:4478 node:4479 node:4480 node:4481 node:4482 node:4484 node:4485 node:4513 node:4514 node:4568 node:4627 node:4628 node:4629 node:4630 node:4631 node:4632 node:4633 node:4634 node:4644 node:4711 node:4718 node:4725 node:4790 node_view rendered url.site user:104
X-Drupal-Cache-Contexts: cookies:big_pipe_nojs languages:language_interface layout_builder_is_active:node route session.exists theme timezone url user.node_grants:view user.permissions user.roles:anonymous user.roles:authenticated
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Drupal-Cache: HIT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Set-Cookie: BIGipServer~Corporate~www.zix.com=!ONZMxU2FUK+Vyi7yWujtueQp9URVvGueoTYJl075H9cMdDp6sbYnTVbZL1zMc7seVaUNtChhydqvzUg=; path=/; Httponly; Secure

GET
H/1.1 200
OK normalize.css
appriver.com/core/assets/vendor/normalize-css/ 8 KB
3 KB 548ms
210ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/assets/vendor/normalize-css/normalize.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2578
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1e1c-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:11 GMT

GET
H/1.1 200
OK normalize-fixes.css
appriver.com/core/misc/ 254 B
767 B 748ms
262ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/misc/normalize-fixes.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

848e395b67c5a776114425ac9ea4cc4f809cdca2caf2685fd2f6a94eba4c7238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 199
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "fe-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK ajax-progress.module.css
appriver.com/core/themes/stable/css/system/components/ 1 KB
1 KB 750ms
263ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/ajax-progress.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 481
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "40b-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK align.module.css
appriver.com/core/themes/stable/css/system/components/ 484 B
785 B 771ms
284ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/align.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 216
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1e4-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK autocomplete-loading.module.css
appriver.com/core/themes/stable/css/system/components/ 611 B
820 B 772ms
284ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/autocomplete-loading.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 251
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "263-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK fieldgroup.module.css
appriver.com/core/themes/stable/css/system/components/ 95 B
662 B 771ms
284ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/fieldgroup.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 95
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "5f-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK container-inline.module.css
appriver.com/core/themes/stable/css/system/components/ 222 B
721 B 752ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/container-inline.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 154
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "de-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK clearfix.module.css
appriver.com/core/themes/stable/css/system/components/ 306 B
789 B 1090ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/clearfix.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 221
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "132-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK details.module.css
appriver.com/core/themes/stable/css/system/components/ 127 B
688 B 1092ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/details.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 121
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "7f-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK hidden.module.css
appriver.com/core/themes/stable/css/system/components/ 1 KB
1 KB 1113ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/hidden.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 649
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "54f-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK item-list.module.css
appriver.com/core/themes/stable/css/system/components/ 285 B
722 B 1121ms
210ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/item-list.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 154
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "11d-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK js.module.css
appriver.com/core/themes/stable/css/system/components/ 402 B
800 B 1126ms
215ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/js.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 232
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "192-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK nowrap.module.css
appriver.com/core/themes/stable/css/system/components/ 96 B
671 B 1145ms
213ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/nowrap.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 104
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "60-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK position-container.module.css
appriver.com/core/themes/stable/css/system/components/ 95 B
660 B 1432ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/position-container.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 94
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "5f-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK progress.module.css
appriver.com/core/themes/stable/css/system/components/ 826 B
920 B 1435ms
203ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/progress.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 352
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "33a-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK reset-appearance.module.css
appriver.com/core/themes/stable/css/system/components/ 274 B
757 B 1454ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/reset-appearance.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 189
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "112-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK resize.module.css
appriver.com/core/themes/stable/css/system/components/ 270 B
723 B 1463ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/resize.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 155
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "10e-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK sticky-header.module.css
appriver.com/core/themes/stable/css/system/components/ 163 B
711 B 1468ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/sticky-header.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 144
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "a3-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK system-status-counter.css
appriver.com/core/themes/stable/css/system/components/ 742 B
875 B 1487ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/system-status-counter.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "2e6-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:12 GMT

GET
H/1.1 200
OK system-status-report-counters.css
appriver.com/core/themes/stable/css/system/components/ 557 B
873 B 1823ms
207ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/system-status-report-counters.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 305
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "22d-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK system-status-report-general-info.css
appriver.com/core/themes/stable/css/system/components/ 255 B
740 B 1824ms
204ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/system-status-report-general-info.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 173
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "ff-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK tabledrag.module.css
appriver.com/core/themes/stable/css/system/components/ 2 KB
1 KB 1829ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/tabledrag.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 636
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "730-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK tablesort.module.css
appriver.com/core/themes/stable/css/system/components/ 373 B
780 B 1837ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/tablesort.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 212
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "175-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK tree-child.module.css
appriver.com/core/themes/stable/css/system/components/ 478 B
791 B 1846ms
203ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/stable/css/system/components/tree-child.module.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 223
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1de-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK action-links.css
appriver.com/core/themes/classy/css/components/ 832 B
931 B 1857ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/action-links.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

8e2c11562c4db62fcaa730cee623e84c9a205115de4bb13785cc434c152831da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 363
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "340-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK breadcrumb.css
appriver.com/core/themes/classy/css/components/ 491 B
848 B 2202ms
240ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/breadcrumb.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

3dc4c8976917e48d271dc01b9cea9b0fd1b52811fb4a85ba5d807735b0312f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 280
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1eb-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK button.css
appriver.com/core/themes/classy/css/components/ 204 B
702 B 2204ms
241ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/button.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

29a630cf5111901233f94887450c9fe9189ea23f6ba08c0e7c60629b3b85049e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 135
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "cc-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK collapse-processed.css
appriver.com/core/themes/classy/css/components/ 825 B
900 B 2205ms
229ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/collapse-processed.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

dcdb22c649de0d33d65a202d01640250834ba056731b1379abf74e0235497667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 332
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "339-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK container-inline.css
appriver.com/core/themes/classy/css/components/ 477 B
750 B 2205ms
220ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/container-inline.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

10504939833401b539099f2fe040c8346889db8387ada82330f1fc377bc2fc64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 182
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1dd-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK details.css
appriver.com/core/themes/classy/css/components/ 492 B
874 B 2229ms
231ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/details.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

27ade4448213a70309ff4c8e6157e4a386d24af7c89abecb8df2cfd88fc65701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 306
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1ec-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK exposed-filters.css
appriver.com/core/themes/classy/css/components/ 905 B
871 B 2217ms
207ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/exposed-filters.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

694010e3722a2e8575aef0c6684b60ceed96995a9558d56fbdf7ee7339cc0438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 303
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "389-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK field.css
appriver.com/core/themes/classy/css/components/ 526 B
778 B 2544ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/field.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

2e6726a445d070701980a6ba5e452381f6a9cf2fb9265ae574b861c3f6c21612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 210
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "20e-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:13 GMT

GET
H/1.1 200
OK form.css
appriver.com/core/themes/classy/css/components/ 2 KB
1 KB 2556ms
212ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/form.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

e8a680ead09d80d74ea14470a6308e2dcec48b7308baa6a914417a2af5b687a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 781
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "888-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK icons.css
appriver.com/core/themes/classy/css/components/ 421 B
835 B 2554ms
210ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/icons.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

14ffae1f46d118d9c065d96f02ee4fa16061dbf1a7620957d9564b51289a4317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 267
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1a5-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK inline-form.css
appriver.com/core/themes/classy/css/components/ 741 B
860 B 2554ms
209ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/inline-form.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

dc0fb547c3465ce7d3f9c8c532278d9466fcfe4b1477bb346c031f2f5da2fd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 292
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "2e5-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK item-list.css
appriver.com/core/themes/classy/css/components/ 546 B
819 B 2565ms
209ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/item-list.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

1bab3880f653cc4d004c2012e94eed50909ba0a6cfd8540d5a5ffce7caf56c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 251
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "222-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK link.css
appriver.com/core/themes/classy/css/components/ 217 B
736 B 2571ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/link.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

b16f119714d9dbe39af89d26b0545d10cfc34751216fded19ff68b2c5078a48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 169
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "d9-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK links.css
appriver.com/core/themes/classy/css/components/ 343 B
777 B 2910ms
205ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/links.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

80dd92890eb3b5cf2998f3141668bf956843764f1027e038df2dc80ce145bd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 209
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "157-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK menu.css
appriver.com/core/themes/classy/css/components/ 672 B
863 B 2930ms
206ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/menu.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

ff310fb7f3399a67a4be790b014dfddb3b8e5178b2ca9fd93ee9a14543181e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 295
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "2a0-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK more-link.css
appriver.com/core/themes/classy/css/components/ 171 B
718 B 2944ms
207ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/more-link.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

322caa9e5fdb996a5afa9ef6283b3f0646c72c2add2f2540a82ac24e7c7d917a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 151
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "ab-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK pager.css
appriver.com/core/themes/classy/css/components/ 203 B
727 B 2942ms
205ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/pager.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

7e0f43d721b07d29d6310e31aa037a28371e3d85d5ad27592ab1daab3a589e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 160
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "cb-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK tabledrag.css
appriver.com/core/themes/classy/css/components/ 202 B
725 B 2944ms
204ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/tabledrag.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

a08a772c49fef577fd5e0a37663d6d010473be40763496bedb29cf77176bc7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 158
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "ca-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK tableselect.css
appriver.com/core/themes/classy/css/components/ 302 B
763 B 2955ms
203ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/tableselect.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

5b159e6ef41dbba1dffa56e2a922733a81656a00324bcf82b9b0e48cd6af325a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 195
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "12e-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK tablesort.css
appriver.com/core/themes/classy/css/components/ 126 B
691 B 3272ms
202ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/tablesort.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

b46e0f428fdce40677abe43f33575023b1b2d87cc3285138bb06b253313a7665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 124
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "7e-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK tabs.css
appriver.com/core/themes/classy/css/components/ 470 B
838 B 3287ms
206ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/tabs.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

732ac3d1e0be45497ec275b2d9b3f926661e243a4d80da8240abfeaa5eee21bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 270
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "1d6-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK textarea.css
appriver.com/core/themes/classy/css/components/ 169 B
716 B 3287ms
205ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/textarea.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

e7c9610ec0d923171ec822d71c9b605456b690320a72f4546af38aedf87737a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 149
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "a9-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK ui-dialog.css
appriver.com/core/themes/classy/css/components/ 208 B
727 B 3288ms
205ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/ui-dialog.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

d99dd4d581c7006eabeebac8e77dbeae96fbc430cfa28bfffa222f4348d17127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 160
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "d0-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK messages.css
appriver.com/core/themes/classy/css/components/ 2 KB
1 KB 3298ms
206ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/messages.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

9018c4c78b2c89ae030f975ba18c806a4b825d8b470e0f51cfc1327ae09723a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 618
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "77d-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK node.css
appriver.com/core/themes/classy/css/components/ 98 B
679 B 3298ms
204ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/themes/classy/css/components/node.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

a720a090101e698013011a9d951fa992ca6d948356759db34ed04f4695d6896c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 112
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "62-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Sat, 24 Apr 2021 08:47:14 GMT

GET
H/1.1 200
OK main.css
appriver.com/themes/custom/zixappriver/css/ 407 KB
59 KB 3658ms
247ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/themes/custom/zixappriver/css/main.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

338a0aa671d44549b3059a89647224c19557e207430e7378abbfbfdb7a1c8a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Feb 2021 17:40:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "65ada-5bb13052c54f8-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK main.css
appriver.com/themes/custom/appriver/css/ 100 KB
16 KB 3647ms
220ms Stylesheet
text/css 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/themes/custom/appriver/css/main.css?qodjit

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

94612244705355e1924213a1f6e001e0d06656dca057d82ee3b7f1ba0e5e18f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 16013
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 06 Jul 2020 17:04:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "18eba-5a9c8de3aec7b-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 19 B
724 B 436ms
156ms Script
text/javascript 52.203.96.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=xmelnlgyr96uwfcdwov8tg

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.96.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-96-188.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

55232dd39e62d18f8a17fa1d3d2f48616c0c1a702a053a62e9289bacc00191d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: fa39a08d-ad8f-412b-bb24-f4fdfe1e27f3
X-Runtime: 0.015691
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"f82947d7c12388356459172d86a58695"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-247764-29

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

659c08a5799af9f14a52f5ee7544388c7a4ccf80d01c48dc3f7edd5513aa2dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39151
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK ed8b9d97-10f7-4bca-b219-e713c47aadc7.js Show response
optanon.blob.core.windows.net/consent/ 60 KB
15 KB 315ms
85ms Script
application/x-javascript 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/consent/ed8b9d97-10f7-4bca-b219-e713c47aadc7.js
Requested by: Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ddb2daebb6efd8ffcf0340d8c52dcfbe2e716235c98ddc6ec92e8353f49397a9

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 10 Apr 2021 08:47:11 GMT
Content-Encoding: GZIP
Last-Modified: Fri, 29 May 2020 21:35:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tVuCtj0bTRFTEw5DAo73UQ==
ETag: 0x8D80418410BD0AF
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 6875a56f-601e-0002-22e6-2dda1c000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=14400
x-ms-version: 2009-09-19
Content-Length: 14599

GET
H/1.1 200
OK logo.png
appriver.com/themes/custom/appriver/ 13 KB
14 KB 449ms
238ms Image
image/png 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appriver.com/themes/custom/appriver/logo.png

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

ca1b758f7a51e35fd5b191618de7c923f075d6faecbbd82ea2f6c0b0907765f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Jul 2020 17:04:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "350f-5a9c8de433593"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 13583
X-XSS-Protection: 1; mode=block
Expires: Sat, 24 Apr 2021 08:47:16 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
555 B 55ms
54ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5634278
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=0
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 05:28:20 GMT
date: Sat, 10 Apr 2021 08:47:15 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK jquery.min.js Show response
appriver.com/core/assets/vendor/jquery/ 87 KB
31 KB 208ms
207ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 30910
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "15d84-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK drupalSettingsLoader.js Show response
appriver.com/core/misc/ 519 B
896 B 203ms
202ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/misc/drupalSettingsLoader.js?v=8.9.10

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 314
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "207-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK drupal.js Show response
appriver.com/core/misc/ 6 KB
2 KB 206ms
203ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/misc/drupal.js?v=8.9.10

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1855
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "18a8-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK drupal.init.js Show response
appriver.com/core/misc/ 727 B
971 B 205ms
203ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/core/misc/drupal.init.js?v=8.9.10

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 389
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 26 Nov 2020 01:49:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "2d7-5b4f8c0515cc0-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK bootstrap.js Show response
appriver.com/libraries/bootstrap/dist/js/ 133 KB
26 KB 225ms
222ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/libraries/bootstrap/dist/js/bootstrap.js?v=1.x

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

8bf26ae9373c49b3cc06b9efabfb0e4df1fcd615b97a655ae0ecd93ea85cc2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25825
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 06 Jul 2020 16:58:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "21483-5a9c8c7bbf634-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK main.js Show response
appriver.com/themes/custom/zixappriver/js/ 10 KB
4 KB 206ms
203ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/themes/custom/zixappriver/js/main.js?v=1.x

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

c4a8599757555a03484a229716b862a12de6a1c097f6264f2a0be56ebad2e2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3055
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 04 Dec 2020 05:09:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "280b-5b59c7b86787d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Sat, 24 Apr 2021 08:47:15 GMT

GET
H/1.1 200
OK main.js Show response
appriver.com/themes/custom/appriver/js/ 2 KB
1 KB 203ms
202ms Script
application/javascript 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/themes/custom/appriver/js/main.js?v=1.x

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

ff825cd45eac63178665c8f0634486bd29a2c62a6069310334a1a02cde87bf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 535
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 06 Jul 2020 17:04:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "65e-5a9c8de470df2-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Sat, 24 Apr 2021 08:47:16 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
922 B 52ms
38ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900&display=swap

Requested by

Host: appriver.com
URL: https://appriver.com/themes/custom/appriver/css/main.css?qodjit

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fc05d56619f9c8c9bb02bbac38dffbd0616ba1b462b1ed9a342a86644fdd887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 07:44:32 GMT
server: ESF
date: Sat, 10 Apr 2021 08:47:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 08:47:15 GMT

GET
H2 200 hei5fry.css
use.typekit.net/ 13 KB
2 KB 176ms
151ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hei5fry.css

Requested by

Host: appriver.com
URL: https://appriver.com/themes/custom/appriver/css/main.css?qodjit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

01b900fe24ac693e90b1b84b3997ff06bda6c701030b4a30024abb5a67fb2ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 10 Apr 2021 08:47:15 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1336

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 28ms
12ms Stylesheet
text/css 2a02:26f0:7100:295::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hei5fry&ht=tk&f=2001.2002.2042.6862.6863.6868.17007.17008.17009.17011.17013.17016.25390.25391.25396.25399.31744.31745&a=33649479&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hei5fry.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:295::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:15 GMT
last-modified: Wed, 02 Sep 2020 03:55:18 GMT
server: nginx
etag: "5f4f17a6-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 n3tifahsaxzc.js Show response
js.driftt.com/include/1618044600000/ 212 KB
60 KB 308ms
200ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1618044600000/n3tifahsaxzc.js

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

9db6b287d26113420992948384e1452ac263c8fbe1e0ce55d177b4fc5e05e301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sJeeK6WZx7vR8vurzuWyk0IDQNe6w2mq
content-encoding: gzip
etag: W/"72a7d2d98706be10010ea2ffdf0d51c1"
x-amz-cf-pop: HAM50-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Apr 2021 13:08:20 GMT
server: nginx
date: Sat, 10 Apr 2021 08:47:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4AEYxiX-LAjaf845qWEm4jTjZEOngParpwWgK8D_RABJ_8uhlXQ-aA==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 174ms
54ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK optanon.css
optanon.blob.core.windows.net/skins/6.1.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 78ms
77ms Stylesheet
text/css 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/skins/6.1.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/ed8b9d97-10f7-4bca-b219-e713c47aadc7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 10 Apr 2021 08:47:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 06:38:19 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: InA19oQG3NGSIUwiDPvLUQ==
ETag: 0x8D80D08DD100AAA
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 6875ad32-601e-0002-73e6-2dda1c000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5553

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 29ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/ed8b9d97-10f7-4bca-b219-e713c47aadc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://appriver.com
Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:15 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1618044435.dop160.fr8.t,1618044435.cds222.fr8.hn,1618044435.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 330f669838be77a98c44d2f6549f8535ce664ae1593dbdb36d42f3f36e98c9d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 863 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26516bbdbb417efc0b2f9d1af071b402e6057353e8a8ac6b972298a6d1dc545

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baa1f0b24ae1516253650d1a3458b627463fcc70a01c86a15bafaa1a4c7c7045

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 763 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccf3c4413cd84668a268612e463fdfd1ce9231a319a8c64d9b6240c8e3b2966c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 l
use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/ 41 KB
41 KB 29ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hei5fry.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0e61bbf1fcf3573627de44aa6799cce3ed481ae1962ad7d98f9a996db96f8c8f

Request headers

Origin: https://appriver.com
Referer: https://use.typekit.net/hei5fry.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:15 GMT
server: nginx
etag: "cead359c4b45407be04b075734084dfc296015c0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42004

GET
H2 200 l
use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/ 41 KB
41 KB 30ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hei5fry.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3388130914aa9782e9d5a20234f4dcd5055bd86a9a9ed579ab84a597107c3593

Request headers

Origin: https://appriver.com
Referer: https://use.typekit.net/hei5fry.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:15 GMT
server: nginx
etag: "c85df0a9a8d5ceea0379089b42901c24f9cf3cd3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42016

GET
H/1.1 200
OK fa-solid-900.woff2
appriver.com/libraries/fortawesome--fontawesome-free/webfonts/ 78 KB
78 KB 518ms
240ms Font
text/plain 199.30.234.249
ASN-CUST

General

Check archive.org

Show headers Download Go to

Full URL

https://appriver.com/libraries/fortawesome--fontawesome-free/webfonts/fa-solid-900.woff2

Requested by

Host: appriver.com
URL: https://appriver.com/themes/custom/zixappriver/css/main.css?qodjit

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.30.234.249 , United States, ASN13380 (ASN-CUST, US),

Reverse DNS

zix.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /

Resource Hash

fc408eac229b6c8af6e076c9cc316208606bdf78e2b981d2215c1c050dbead5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://appriver.com
Referer: https://appriver.com/themes/custom/zixappriver/css/main.css?qodjit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Apr 2020 12:35:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag: "13654-5a3538c7063dd"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 79444
X-XSS-Protection: 1; mode=block
Expires: Sat, 24 Apr 2021 08:47:16 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 222 B
199 B 50ms
50ms Other
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5634279
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=0
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 05:28:20 GMT
date: Sat, 10 Apr 2021 08:47:16 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247764-29

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6843
date: Sat, 10 Apr 2021 06:53:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 10 Apr 2021 08:53:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 57ms
57ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Mon, 19 Jul 2021 08:47:16 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
64 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1939427058&t=pageview&_s=1&dl=https%3A%2F%2Fappriver.com%2Fresources%2Fblog%2Fjanuary-2020%2Fpowerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%25E2%2580%25A6&ul=en-us&de=UTF-8&dt=404%20-%20AppRiver%20%7C%20AppRiver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1761066364&gjid=549731447&cid=731396957.1618044436&tid=UA-247764-29&_gid=564705638.1618044436&_r=1&gtm=2ou3v0&z=1290019664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 08:47:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appriver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-247764-29&cid=731396957.1618044436&jid=1761066364&gjid=549731447&_gid=564705638.1618044436&_u=IEBAAUAAAAAAAC~&z=768914123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Apr 2021 08:47:16 GMT
content-type: text/plain
access-control-allow-origin: https://appriver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-247764-29&cid=731396957.1618044436&jid=1761066364&_u=IEBAAUAAAAAAAC~&z=154420232

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 08:47:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-247764-29&cid=731396957.1618044436&jid=1761066364&_u=IEBAAUAAAAAAAC~&z=154420232

Requested by

Host: appriver.com
URL: https://appriver.com/resources/blog/january-2020/powerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%E2%80%A6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appriver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 08:47:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 1546 3 KB
1 KB 161ms
161ms Document
text/html 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1618044600000/n3tifahsaxzc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ab027534ceb362f1414e210763531bbe768a19c9533a117c0d0f5f41878511d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appriver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appriver.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 09 Apr 2021 13:08:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: F0OH1mLPc9wwP5WFD_Yg9xK6FcsUA.zD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sat, 10 Apr 2021 08:47:16 GMT
cache-control: no-cache
etag: W/"5c05456bb189de08d99b690288b83029"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: Bplab5SBgtYG8VryhI-XblrZBN2UUZK7Ipb-JqR9g8PRXAELYMo-SQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3595 3 KB
1 KB 160ms
160ms Document
text/html 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1618044600000/n3tifahsaxzc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ab027534ceb362f1414e210763531bbe768a19c9533a117c0d0f5f41878511d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appriver.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appriver.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 09 Apr 2021 13:08:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: F0OH1mLPc9wwP5WFD_Yg9xK6FcsUA.zD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sat, 10 Apr 2021 08:47:16 GMT
cache-control: no-cache
etag: W/"5c05456bb189de08d99b690288b83029"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: C-OB2rPA2eFGCQzffdz6ZgujsZwbvqtSeWKZJJxeotqma2VgKJBz7g==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41dc2d9b16f7d31dfbc105ac685bdef7ac934113d70842048735ecb98d93f40e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 runtime~main.60e4a1d0.js Show response
js.driftt.com/core/assets/js/ Frame 3595 5 KB
3 KB 55ms
53ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

b289dad9bc85f77885699d2e459240f314ecefb32d6f0dd5ae13afcabb03ca74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:16 GMT
server: nginx
etag: W/"a27aabd54918dea8ef029f5918d4c82b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tdl5_7G_oMdo08dmfeeDUAm_t3SJugaO
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rv1ldL6dlKJRNJKx3gcW_IQLh658bWBZ8-tRCu3ObvRicOjHUnhjVg==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 40 KB
12 KB 56ms
53ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 03:47:32 GMT
content-encoding: gzip
age: 6152384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Jan 2021 22:54:33 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y2xtiqOhyUagLaCd4JUdQFq9_qeHBQGq
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7CWr2mFC-A33sfOV5fs-FfgK7iyaySvdahdg-YSflriJZZdNDHkX0g==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 42 KB
12 KB 56ms
53ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2YkFlG1sZ1uGuw9fRJhr_rduXEPaItbU
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bsWE9vTpYLRtvS_32x1BoX5lXdfTQ7nU8fmlzG3f5pfjI0LBegQ-YQ==

GET
H2 200 18.df9af1cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 70 KB
21 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.df9af1cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

03be51173737fdb5d979dfd9736dbf9bca895c9c9b30f4d4b64e7e54975948ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"4dd1a4c39ef032a7370127a7a049792b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h.C2zbsx58v1pJxunn7Ah5lgmrvqa1du
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DVcRE-FiWe7_uGTPo8ecZsBs13hbZuobQCGorw0OAsRv7yZVlI1Bbg==

GET
H2 200 30.d7884983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 48 KB
15 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.d7884983.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 3169395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"4e1b145be04e5bc76ea6d15f491a0174"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RQGg9Lzfff.JlTlK.NLmBXc6K0oL5gia
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3KD7U3kmi0fSNBqTE0liPGFrbILpOzYcqTSVe95hSi2TXKWuD4meHw==

GET
H2 200 17.01346f26.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 29 KB
8 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.01346f26.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

5a548f4f0fe598ab0e32909884865c4b244d8e8f1caf01a2678a7aa2f032dccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"d881c1078c1983fec915bc6b6aa0deb9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZAqQV.UJvsXxwZF6YiaFl2qyaLgaBjX
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y6bzGmDHZDDMrXsjeeuLjFjptRmOgYofDb1i8XxKKprx9utwb4sGlQ==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 39 KB
10 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MzIZE0mgaY7m.fGb.LX9IlVUAL8cjvev
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HmffZzxui_ygCsE7gvmMA8N12mSoHxdwRWcDkjGm_xn4xDOj0ZWoEg==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 52 KB
18 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:47:00 GMT
content-encoding: gzip
age: 2552415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 19:15:02 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .G4l5M3zdEr.H9Ym7Vn1RjNno_gNBdpu
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AJdOky9gXmfdGT2bYr6iFgW0apkV6UcOFvL5b6TtdPgMCOXxHtSoyQ==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 24 KB
10 KB 56ms
54ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

dfedea6b2e0237cfc559e282854a9ec1afe30dfb45e492447b134d6be359f275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:28:48 GMT
content-encoding: gzip
age: 3158308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 16:50:21 GMT
server: nginx
etag: W/"185cc47f69cf9cfd71f532b15a0b6e8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sa1cQ5AXCSfvmijtq3l0XPcobRiPq9R0
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f3sRmsnbyQCAPl_4ldo1bFTqFUoxfOLq6eaioCyNQ_x2LR1JNg-VzQ==

GET
H2 200 13.dce07d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 60 KB
21 KB 56ms
55ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.dce07d58.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

43661692d21cddb1129b99f9138bfe095a1494a236c4d8b58d0c764f57815d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"53cb1bc6a93f37cb23bd87c0969623e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9qKAkZ_gCQFUK9XQjx8Tol3YM6NhFM1
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AxNydqPu8FDzhPkRu7gAeSppLXXQpTeudFelaqsJChiKmnrII67CcQ==

GET
H2 200 main~493df0b3.40a201b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 21 KB
7 KB 106ms
105ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.40a201b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

4e1216a3c268146f3c0f7de270620acee8acaf2ab775759d01c2793519351545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:03 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"69fb0eac23d360e99d09dc8ff2d9f962"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bSwH_75xAiofeTvLmJWwyVFlVbSGw1A9
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F-ERH-mRw8g0BOkzuHZI_g5xkPyCV2TmXoaepWiaPbVKCafFRV2fpg==

GET
H2 200 main~970f9218.fe9024ab.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 63 KB
16 KB 107ms
105ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.fe9024ab.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ab3f245ea1ff84ac1a4ee97d2bf88b1e56ec56f5dad70c1b73a105f2101c45a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:02 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"e5ee197ba311176a274dc6e7fee6e7f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7P0jL99.Os6SrCjfRNCPbidx0BZ2SnmU
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xyaHpikr1RG_bmAqmSo3evMg6Xq8qVHIUBfKHIZpfj9FpMIDjNxccQ==

GET
H2 200 main~89e24786.afbb2c59.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 62 KB
17 KB 107ms
106ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.afbb2c59.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

50765708bd9430e89e962b38ef89dc39c6cb8ca35856c7e82c3a0a74998e39f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:02 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"664d363329fb00cc74d058503814a7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JcerQY68_yXSuUYCWk2Pjyd9PnG2n_nr
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KN4p8ebuu5fSfqgkggoF7eeH7RkocVX92RVc25gpuj0STqryJCMBKg==

GET
H2 200 main~53ca99a6.730a0fa2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 28 KB
9 KB 107ms
106ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.730a0fa2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

fc9e879da81f1bfe42bfefa7bd82064132ba23b00992a870eb9021d725cdbe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 13:08:10 GMT
content-encoding: gzip
age: 70746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Apr 2021 12:58:49 GMT
server: nginx
etag: W/"939aa5527b9e69b10a548f6eb2dd184e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SFaqRE7behZdAzatI7_gAXV4GtdCQeKS
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iLlwiNRo_Z6AINe0qckYSvQ-cRQs27PMKEw0Z7RVhQbqNUxWgau5ZA==

GET
H2 200 runtime~main.60e4a1d0.js Show response
js.driftt.com/core/assets/js/ Frame 1546 5 KB
3 KB 104ms
103ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

b289dad9bc85f77885699d2e459240f314ecefb32d6f0dd5ae13afcabb03ca74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:16 GMT
server: nginx
etag: W/"a27aabd54918dea8ef029f5918d4c82b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tdl5_7G_oMdo08dmfeeDUAm_t3SJugaO
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CUM8ZZHKkYms2Q8Jpor4mdvAaRIRocsB2oP1frI9i_9cYyOdmXx3Mw==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 40 KB
12 KB 104ms
102ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 03:47:32 GMT
content-encoding: gzip
age: 6152384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Jan 2021 22:54:33 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y2xtiqOhyUagLaCd4JUdQFq9_qeHBQGq
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ufG5VtBiiCWIMTBYVQs70uHxr8sJH7AqwxZUW8li06-z9RdthOrQ5A==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 42 KB
12 KB 104ms
100ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2YkFlG1sZ1uGuw9fRJhr_rduXEPaItbU
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4d_fUsDegVpugJRBLF4HhofiA0fYGKdTIDE6j1PAdoA_Q_gfyIFfwQ==

GET
H2 200 18.df9af1cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 70 KB
21 KB 104ms
101ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.df9af1cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

03be51173737fdb5d979dfd9736dbf9bca895c9c9b30f4d4b64e7e54975948ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"4dd1a4c39ef032a7370127a7a049792b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h.C2zbsx58v1pJxunn7Ah5lgmrvqa1du
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nTR7sdwNLDnn4aZDulMSERgydMr-wqTIL2BdtIWrCfh0nEfAfDaGAQ==

GET
H2 200 30.d7884983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 48 KB
15 KB 104ms
96ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.d7884983.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 3169395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"4e1b145be04e5bc76ea6d15f491a0174"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RQGg9Lzfff.JlTlK.NLmBXc6K0oL5gia
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GDTCIPd4VtV7Nl-uvsYlU0-cr1CQzR2B8E4fxu1tquJdK1GXLWYgow==

GET
H2 200 17.01346f26.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 29 KB
8 KB 104ms
96ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.01346f26.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

5a548f4f0fe598ab0e32909884865c4b244d8e8f1caf01a2678a7aa2f032dccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"d881c1078c1983fec915bc6b6aa0deb9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZAqQV.UJvsXxwZF6YiaFl2qyaLgaBjX
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kPQdJspKWDiSu74CU9J-Qiv_FENyDZYRBCYBrqY7kjyfI2fFy8Tibw==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 39 KB
10 KB 105ms
97ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MzIZE0mgaY7m.fGb.LX9IlVUAL8cjvev
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNnf1OpWTh3wELUxoBka6A7_Zx9tnx28R_o9-xvDh9kbCAiE-gIKOA==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 52 KB
18 KB 104ms
95ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:47:00 GMT
content-encoding: gzip
age: 2552415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 19:15:02 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .G4l5M3zdEr.H9Ym7Vn1RjNno_gNBdpu
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tbhsuFSoEpJa4KTvGJiGb25zGqEeU_0sBo-LNzTD0xeRPRTs1uKNmg==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 24 KB
10 KB 105ms
96ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

dfedea6b2e0237cfc559e282854a9ec1afe30dfb45e492447b134d6be359f275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:28:48 GMT
content-encoding: gzip
age: 3158308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 16:50:21 GMT
server: nginx
etag: W/"185cc47f69cf9cfd71f532b15a0b6e8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sa1cQ5AXCSfvmijtq3l0XPcobRiPq9R0
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L4Tlx2mIHKej8cOqoEPwHzu-YwoctuFvF_fvFDI1jKlg6lMyUwKB-g==

GET
H2 200 13.dce07d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 60 KB
21 KB 128ms
120ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.dce07d58.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

43661692d21cddb1129b99f9138bfe095a1494a236c4d8b58d0c764f57815d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"53cb1bc6a93f37cb23bd87c0969623e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9qKAkZ_gCQFUK9XQjx8Tol3YM6NhFM1
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8YEWzhlDe2K73QRvPaJRviu2A0Vb1XifDIAgGF-KCSpl76TEcsNEfw==

GET
H2 200 main~493df0b3.40a201b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 21 KB
7 KB 128ms
120ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.40a201b4.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

4e1216a3c268146f3c0f7de270620acee8acaf2ab775759d01c2793519351545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:03 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"69fb0eac23d360e99d09dc8ff2d9f962"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bSwH_75xAiofeTvLmJWwyVFlVbSGw1A9
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gVNaHSLWrP6oM4CqJ5Tubf1NaEavA3mguleG6j-pT-f5tncf0NyQyw==

GET
H2 200 main~970f9218.fe9024ab.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 63 KB
16 KB 128ms
120ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.fe9024ab.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ab3f245ea1ff84ac1a4ee97d2bf88b1e56ec56f5dad70c1b73a105f2101c45a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:02 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"e5ee197ba311176a274dc6e7fee6e7f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7P0jL99.Os6SrCjfRNCPbidx0BZ2SnmU
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZjQ6t77E3zE6KDpMlJ0NAprBqKFwQz7VSoYgFhwITD7uJPw1eMsrIw==

GET
H2 200 main~89e24786.afbb2c59.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 62 KB
17 KB 128ms
120ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.afbb2c59.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

50765708bd9430e89e962b38ef89dc39c6cb8ca35856c7e82c3a0a74998e39f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:02 GMT
content-encoding: gzip
age: 314053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:15 GMT
server: nginx
etag: W/"664d363329fb00cc74d058503814a7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JcerQY68_yXSuUYCWk2Pjyd9PnG2n_nr
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vlvBMxF53f8-Kp8ofUg8yFAmyGq93-T0DBzOWF0k5j6iSEc5K9ml_g==

GET
H2 200 main~53ca99a6.730a0fa2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 28 KB
9 KB 128ms
120ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.730a0fa2.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

fc9e879da81f1bfe42bfefa7bd82064132ba23b00992a870eb9021d725cdbe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 13:08:10 GMT
content-encoding: gzip
age: 70746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Apr 2021 12:58:49 GMT
server: nginx
etag: W/"939aa5527b9e69b10a548f6eb2dd184e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SFaqRE7behZdAzatI7_gAXV4GtdCQeKS
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: suU8YhCzggVN3nF0kLSyA4fe2qt-JjjAmU5PPKBkrIe23_RK-QyRnw==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 6 KB
3 KB 50ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:50:09 GMT
content-encoding: gzip
age: 5468228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QapLgE7Hrz7BOH3CyhE2UBgsF1vU.UM6
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1BgzZNqDUG64Zj_0p2Jk1dZ2fcYuRH9WSzVGtWxSttHurn6jJSqsqQ==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 107 KB
34 KB 51ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 5879887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d0pOlUpZCfYdigqvzA-f9U09N7Mn8HuMlNxAmadQwJm8ur8vfuSfZQ==

GET
H2 200 27.fca79052.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 27 KB
9 KB 51ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.fca79052.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 3169396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"778effaa1518bcdcddb080ef14f98e02"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FaSQOMF905756twg_WaxPLtYkgG28uFg
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w7XfPFdBMrDLbQq8DxDWD6KoJzdBzW592T3vXRhnI_SRNEVhpfb9gg==

GET
H2 200 31.3f86bbb6.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 2 KB
1 KB 52ms
51ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/31.3f86bbb6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

477de7f62c5e4f36a105fbf424445ffde0c8a7e2263cc8a2d657d221d8a5898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:08 GMT
server: nginx
etag: W/"2c4cc154316ee9ade3012f13a2c1b2f5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D08ovFtBYED.yu6DiCG0PnrMH4qOS5.j
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TCa7kYfkvFLL2PTiFYvSAq41q93kq1U-xXrFBly02wbeFtpP0HfPqw==

GET
H2 200 31.cda78910.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 5 KB
2 KB 52ms
52ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.cda78910.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

a30bbe277414c9c710df300faa5b44d99e72377cd55476ad6562ac124d678536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:08 GMT
content-encoding: gzip
age: 216669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:51 GMT
server: nginx
etag: W/"7690db8d3da5a36d4ec80ef6a706e05d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7bboTpbjQRpiHWT0LcDBWwb0QXYDCRty
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A6MsRL_EAS7nmQ7F6e4BWoLnXgg_P41YCyjhqnkvUGt9Ka8vLaaM6Q==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 6 KB
3 KB 50ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:50:09 GMT
content-encoding: gzip
age: 5468228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QapLgE7Hrz7BOH3CyhE2UBgsF1vU.UM6
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: orCiIgxbsuBFYst6YwquTq3QN2NvqbPU4220fs7Z1TS6Iao3Q5jI-g==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 107 KB
34 KB 50ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 5879887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mzX2MdiXS63UXZzF5re0gA_zhhcTGEzyhcC1A2nZBBWj1QJIlfkKwA==

GET
H2 200 27.fca79052.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 27 KB
9 KB 50ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.fca79052.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 3169396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"778effaa1518bcdcddb080ef14f98e02"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FaSQOMF905756twg_WaxPLtYkgG28uFg
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uHy8ed4GuSsu9d74XMijLQ7y6biK-owJh8HKP3PZrTqCH-98h7vu8g==

GET
H2 200 31.3f86bbb6.chunk.css
js.driftt.com/core/assets/css/ Frame 1546 2 KB
1 KB 52ms
52ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/31.3f86bbb6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

477de7f62c5e4f36a105fbf424445ffde0c8a7e2263cc8a2d657d221d8a5898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:08 GMT
server: nginx
etag: W/"2c4cc154316ee9ade3012f13a2c1b2f5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D08ovFtBYED.yu6DiCG0PnrMH4qOS5.j
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kzdLC_xyGmxyV8vnMeBb3q-Bqp7ZM7UpkZvpFkRcDrelGF_iNQY1Xw==

GET
H2 200 31.cda78910.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 5 KB
2 KB 52ms
52ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.cda78910.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

a30bbe277414c9c710df300faa5b44d99e72377cd55476ad6562ac124d678536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:08 GMT
content-encoding: gzip
age: 216669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:51 GMT
server: nginx
etag: W/"7690db8d3da5a36d4ec80ef6a706e05d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7bboTpbjQRpiHWT0LcDBWwb0QXYDCRty
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V-RCZtGJJl9oi4tdR4bELZ5imsflqXXIMq7OTPpyw6IBLb-53cetBA==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 17 KB
6 KB 54ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 4947156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M8FHnrzdonR__zN-Pyy3htJFM2iwhJ3YW3npxfSLDfV1rmEjc8FFmQ==

GET
H2 200 32.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 6 KB
1 KB 54ms
49ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:08 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N9pz_uaOqz_LcCJXwq2fP8udkLRQP9sW
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sHE3VJNYo5lwMgUhpyK6oBcTaGbg0vZ02t1XPUV6_famSEJ51vd4jg==

GET
H2 200 32.576563f1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 2 KB
2 KB 52ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.576563f1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

6990cc2a218b1513211f41a22ca6966159774ab8724207389715a03eeb39076f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:08 GMT
content-encoding: gzip
age: 216669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:51 GMT
server: nginx
etag: W/"9ad9bc7352d800be4e08503cd2672cb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PJ.lLcHJr0vuZldsJZV.idbMt_1SYrkI
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kSL3dFxX_4kXqDYJjYs9jhmYjdvwJPPYAjIMIVoy2ycCJUI20re8FQ==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 17 KB
6 KB 49ms
48ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 4947156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VpFVyRUHjOUPt8UWQ1fe_WtPsTb6O6TdrBbwAznQoI4LTBesYEIMQg==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 68 KB
20 KB 51ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 5468689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1qlYtnoPeOZrXMDLyhfTjx8VhkgI153FPv_dfUxranSiET6VabL16Q==

GET
H2 200 28.973133ca.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 41 KB
12 KB 51ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.973133ca.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

8b695f56517b6e927c365dfc1f09b6cedfafb869183074b0040399c4960a77c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:53:07 GMT
content-encoding: gzip
age: 3066849
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 20:23:41 GMT
server: nginx
etag: W/"ecf99724b02f7b23e01b9717ae480786"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TA00J8zYqpnkOZxchdfs_j6Px0w36iW5
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fUy57SCxqy5NAwI4RAAjyd2ozHYCpWlewUWpR2rHgl-wJokRjL3wvQ==

GET
H2 200 2.c8663009.chunk.css
js.driftt.com/core/assets/css/ Frame 1546 2 KB
1 KB 51ms
50ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.c8663009.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:12 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PUOdZrRBCyY7g_ZKuhwv_ZCIA4BMEqEK
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: glAwB5Psum-VliyrWiT-pZW7MYKbmxdJqARL5wpW2jRkQ8ssmM1dMg==

GET
H2 200 2.76142f45.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 27 KB
10 KB 53ms
53ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.76142f45.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

bc35dc82205b91e84ff7eb9d74d8fc04412b4246d9edcbe7e8c4b43a954be541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:57:00 GMT
content-encoding: gzip
age: 924617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 30 Mar 2021 15:09:56 GMT
server: nginx
etag: W/"e418db8de1c2a6e2f3ff10bd84e11107"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zbmshXq66aPkSIx6jZ4E08JKXtO0ykBo
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SM8HBQS5XWCffqdAP8mEp_oBcfFF7edHu43tTSw44a9TSM8RkcIkLQ==

GET
H2 200 26.02e62d23.chunk.css
js.driftt.com/core/assets/css/ Frame 1546 8 KB
2 KB 53ms
52ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.02e62d23.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 16:09:55 GMT
content-encoding: gzip
age: 1442242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Mar 2021 15:54:56 GMT
server: nginx
etag: W/"4a7ea3158114815c3ce4a439e64bb20f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: grRYYHSSp1mU3ptY3c1ADwZbODEJ.GD2
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bfilowK-k_vcg47Uubdp_R6Ndn-er01JwSHMrsJgiT1Qh8Drdbd_Ww==

GET
H2 200 26.b28fcc1f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 68 KB
19 KB 53ms
53ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.b28fcc1f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

45c6471f9b8d9a882dc0997d5f2582e6be47dce98d963383521ab6b480b46a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:33:03 GMT
content-encoding: gzip
age: 314054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 17:14:14 GMT
server: nginx
etag: W/"a965df5333777d7d38412493ddeb27f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Et3fWJqlSsaH1UfzviBYLJKUWDVmkgJr
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sm5mehY5Yx2gCrM0hxsumq-T4uI1RisGXbGucJtEPYsVkHLl0qM7Ew==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 68 KB
20 KB 49ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 5468689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eRfQ3MOnodLNH1WVcfTRc-86X1vl33p-Z4b5e4_QBBR046CalG58Og==

GET
H2 200 6.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 7 KB
2 KB 49ms
49ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/6.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:08 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4W7j47FaGFn6zfjP8WI3XQH_pHab5cA8
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bgBO7R7sBLTzSryB4TkwD7Xln0mNRHUbTpvIzAXhaP99gByIGHhH6Q==

GET
H2 200 6.8a170c54.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 38 KB
13 KB 50ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/6.8a170c54.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

49768b3da5cf97cb82a6f3db73097011454b7cce09529bff08c9decb23b80254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"ef7ecb5ffb6e97b627cffdd96eb98848"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LUrYItfzRfdEwKDAEgZAQj1eonofAAo7
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 66hWmu5iigamKig74fA2N7CU2Fq_5NZ8yVZJcBRRcD1ZMhiAkYs4yQ==

GET
H2 200 5.39718cbd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 50 KB
14 KB 51ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.39718cbd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

b05c21426d9a2999f3f7b48d494bc6dba7b4fba240d3eae1047c99116c075232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:03 GMT
content-encoding: gzip
age: 1338734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"22b4f20089aad6d0ac685e754c01e20c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: I8vDvAQu.ULzgfdeCA0aGGvdnMiGhc1j
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e9BQkxYqApwZlagMrIjc3Yu4UT7N3ruF1KS1nBqSE59vesgDRGl_tg==

GET
H2 200 2.c8663009.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 2 KB
1 KB 49ms
48ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.c8663009.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:12 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PUOdZrRBCyY7g_ZKuhwv_ZCIA4BMEqEK
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TY78NfJejEex3E98-u44xWQLnLW3KHF7zsAm_mwY27KRlU1McRq_6g==

GET
H2 200 2.76142f45.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 27 KB
10 KB 50ms
49ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.76142f45.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

bc35dc82205b91e84ff7eb9d74d8fc04412b4246d9edcbe7e8c4b43a954be541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:57:00 GMT
content-encoding: gzip
age: 924617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 30 Mar 2021 15:09:56 GMT
server: nginx
etag: W/"e418db8de1c2a6e2f3ff10bd84e11107"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zbmshXq66aPkSIx6jZ4E08JKXtO0ykBo
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rj1sOKAx-3IOZzcmMo0P3hQKHtwW1PkqcBetXIpgH0flhDVYwJHrlw==

GET
H2 200 7.e10c6f40.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 14 KB
3 KB 56ms
48ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e10c6f40.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

4ab346b1d21f307629c9836a9f640965a400ab887fa4963417b6f301255267be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 13:58:42 GMT
content-encoding: gzip
age: 240515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 13:02:15 GMT
server: nginx
etag: W/"b3b5cd1d956e79a0f86d75a757a6c5f9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RiBkwgpYu336J2HKpCThKsrWlCT.X0Et
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DRrPXBx5ZWMny3E2EqdEXSQAcXGIx1wJJkDH8JjIzlVdVFQbkh3p2A==

GET
H2 200 7.b54558ae.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 15 KB
6 KB 57ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.b54558ae.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

84032290c735b0bebec42122484159b74abec3a11258b172e88c243addfe69b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:09 GMT
content-encoding: gzip
age: 216668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:52 GMT
server: nginx
etag: W/"27ccfb2f6c1025b38227f347aa717434"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bKBTokhg7k4rdr1e41OPzMky9DcaCY4c
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b8BfMO8Xwicd9-PZFAqTqTtPxgAMy_exDkdZQGQMlQ213QhLQtr3iw==

GET
H2 200 3.1a6b5c62.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 37 KB
7 KB 57ms
49ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.1a6b5c62.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

c78289995801c3d4ec2f1f7b456df9fe89414c385e344b4426b32ec3fcd842ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:12 GMT
server: nginx
etag: W/"a8936d88d904902cfc29879a1a0814a0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LKmcchAnRGwPaoDsbsgDZQknXhMiv9RJ
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RBf1iWQhXKm22uqSvxHwdJ5Pv1V2BCboFKptbQRZnC0GsOejMp-YvA==

GET
H2 200 3.756d886c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 73 KB
22 KB 58ms
50ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.756d886c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

e4c4c36d32676fdcda91de06b26d7dc8d66b03e198c0391a80ac8bd8df2b3431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:58:22 GMT
content-encoding: gzip
age: 154135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 13:25:10 GMT
server: nginx
etag: W/"84b44a8a951c8d195db0c1f790007680"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qtMjnuNCWIkCdCk0ykLs0f7X9FLvn.yM
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FTyt0If7KZ4cG6afyQ4BrAejtWJ4LJMeHiNOhpCwypuctrJPejZIvw==

GET
H2 200 4.ca6c5e68.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 18 KB
8 KB 58ms
51ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.ca6c5e68.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

93b821d22cb2ce70cd11d8303fb7b2bd1ae0823baec282a8ae08e21550632594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:09 GMT
content-encoding: gzip
age: 216668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:51 GMT
server: nginx
etag: W/"f448d88dcc7c7dd65397549847dc2a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .soYkTZ.HYIl4G.z3AZqKCwiiqyDBfQX
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 19ovLlA4npE-wdz1QhUz87tkTspjtBCsUQk4UU0NSug4Yk1d30tEmA==

GET
H2 200 22.b3874862.chunk.css
js.driftt.com/core/assets/css/ Frame 3595 17 KB
4 KB 54ms
50ms Stylesheet
text/css 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/22.b3874862.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

435bb425f7b99cbf0879f5c79bf7c85fe186831f9b7cd59ce912f80796e30e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 17:41:47 GMT
content-encoding: gzip
age: 140730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 08 Apr 2021 16:21:12 GMT
server: nginx
etag: W/"7ae226526a32a08c881ba42cbd4dfe33"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yTnXaxY_bT6p46ad6rXrxMgLR_n9LMU9
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: akSv4DH_Xz5_b0vCnX6ZoZPiYjdQv2QSlbL_bCBrLZmV7xyt3IyzBQ==

GET
H2 200 22.fc7ad613.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 26 KB
9 KB 55ms
51ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fc7ad613.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

00af24c0de7d1e5ffb36bf61a96abea287506d21771ddaa7de1c1ec723a55009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:36:09 GMT
content-encoding: gzip
age: 216668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 20:03:51 GMT
server: nginx
etag: W/"6638f04006b3c647c1ed0ae543d2f7d7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LDMKWLt7aZGvyN60UUhnkwMUHNbw6nfY
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lz03ryYxCK45UZzlH8gaYGczcw02w6bYoEriVu0gGJwoQR-IyzzJvQ==

GET
H2 200 n3tifahsaxzc.json Show response
embeds.driftcdn.com/embeds/ Frame 1546 16 KB
6 KB 540ms
438ms XHR
application/json 52.222.179.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/n3tifahsaxzc.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-11.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c59b6b334d766ce34f1080f280e426fce7b0c31e98b95594cc2947bb7997ed75

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 08:47:18 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 15:47:36 GMT
server: AmazonS3
etag: W/"4d24bd0734ab738ff02d9491ed2370c5"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 8546619508b421ce9fe06c7b912968a9.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: kL3W_GbWNPTM86XLJfTjcy3wRwmSZf0lEXHYQ97_fk2MURss5m1UFw==

POST
H/1.1 200
OK v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 1546 25 B
697 B 148ms
148ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Apr 2021 08:47:17 GMT
server: istio-envoy
requestid: 7c9c37c0d7d42018
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 549ms
135ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Apr 2021 08:47:17 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftb533e614d51b59f976ceff4e2d1
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1546 17 KB
6 KB 49ms
48ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=n3tifahsaxzc&forceShow=false&skipCampaigns=false&sessionId=b77459e3-84bf-4ea8-ab3d-a33ff417bf42&sessionStarted=1618044436&campaignRefreshToken=e7829717-cda7-4cf4-8154-473566749b21&hideController=false&pageLoadStartTime=1618044431881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 00:41:34 GMT
content-encoding: gzip
age: 5299543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ERTUxDMtR8wGkYOicn7jsyBINk5Gat3C
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mino4D2OOVCWSB7VGQxYWCpvHOv6so4Srh1X0t-8HvbSDrBjBmFG6Q==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 1546 3 KB
2 KB 587ms
319ms XHR
application/json 3.224.7.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.7.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-7-114.compute-1.amazonaws.com

Software

Resource Hash

7d73bb874dc57ce9e2b65f0f514a7b783cc4246fe70346b237743b1c152e542d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 10 Apr 2021 08:47:18 GMT
content-encoding: gzip
requestid: 2385b62ff2af4a3c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1487
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 n3tifahsaxzc
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 406ms
135ms Preflight
text/plain 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/n3tifahsaxzc

Protocol

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-186-63.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Apr 2021 08:47:18 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: HEAD,GET,OPTIONS
requestid: driftf3fce7544ee8b8170d992b9d753

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 406ms
133ms Preflight
text/plain 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-189-149.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Apr 2021 08:47:18 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift678ee5a4bcb97159ad6eb5911ff

GET
H2 200 n3tifahsaxzc Show response
targeting.api.drift.com/hours/availability/combined/ Frame 1546 41 B
485 B 160ms
159ms XHR
application/json 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/n3tifahsaxzc

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-186-63.compute-1.amazonaws.com

Software

Resource Hash

a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5MjYzMTk0NDg3IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE3NDA2NiIsImV4cCI6MTY0OTU4MDQzOCwiaWF0IjoxNjE4MDQ0NDM4fQ.s_j8ueBb5jLacQ09KTHkO1o1o6jLuTMulwo6SbtBdexBw1P6lMd0R68E1UGJEINC6n2-HMU41YuuwCKWsRk3zg

Response headers

date: Sat, 10 Apr 2021 08:47:19 GMT
requestid: 6e156a57328027df
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 41
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 1546 4 KB
711 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.76142f45.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 08:08:01 GMT
server: ESF
date: Sat, 10 Apr 2021 08:47:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 08:47:18 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame 1546 647 B
1 KB 135ms
134ms XHR
application/json 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-189-149.compute-1.amazonaws.com

Software

Resource Hash

40cfa5321676ed075304f3dc3549eecc3c8ceece70111b190f1eeac432291bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5MjYzMTk0NDg3IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE3NDA2NiIsImV4cCI6MTY0OTU4MDQzOCwiaWF0IjoxNjE4MDQ0NDM4fQ.s_j8ueBb5jLacQ09KTHkO1o1o6jLuTMulwo6SbtBdexBw1P6lMd0R68E1UGJEINC6n2-HMU41YuuwCKWsRk3zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Apr 2021 08:47:19 GMT
requestid: 98bd4830b4de335d
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 647

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3595 17 KB
6 KB 49ms
48ms Script
application/javascript 54.192.210.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.60e4a1d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-116.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 00:41:34 GMT
content-encoding: gzip
age: 5299544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ERTUxDMtR8wGkYOicn7jsyBINk5Gat3C
via: 1.1 f1d5d7779515e0233ce392877610b704.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: HAM50-C2
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7V_UQwhLRhqmeil1KjdIjsTlQKXC53CP3xKAAB0uLU2mDaSA9v4J9A==

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3595 4 KB
665 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.76142f45.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 08:01:01 GMT
server: ESF
date: Sat, 10 Apr 2021 08:47:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 08:47:18 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3595 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 81821
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3595 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 81821
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 1546 25 B
697 B 145ms
145ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5MjYzMTk0NDg3IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE3NDA2NiIsImV4cCI6MTY0OTU4MDQzOCwiaWF0IjoxNjE4MDQ0NDM4fQ.s_j8ueBb5jLacQ09KTHkO1o1o6jLuTMulwo6SbtBdexBw1P6lMd0R68E1UGJEINC6n2-HMU41YuuwCKWsRk3zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Apr 2021 08:47:20 GMT
server: istio-envoy
requestid: edb8f8fbc4d959fc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 135ms
135ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Apr 2021 08:47:19 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift4f016d4470dacdabf6aae369f39
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 1546 25 B
695 B 136ms
135ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5MjYzMTk0NDg3IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE3NDA2NiIsImV4cCI6MTY0OTU4MDQzOCwiaWF0IjoxNjE4MDQ0NDM4fQ.s_j8ueBb5jLacQ09KTHkO1o1o6jLuTMulwo6SbtBdexBw1P6lMd0R68E1UGJEINC6n2-HMU41YuuwCKWsRk3zg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Apr 2021 08:47:23 GMT
server: istio-envoy
requestid: fd4fa2cf42d135e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 135ms
134ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Apr 2021 08:47:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift2117dca434681f979de9a70e43a
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appriver.com/	1970-01-20 02:13:00	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Apr+10+2021+10%3A47%3A16+GMT%2B0200+(Central+European+Summer+Time)&version=6.1.0&landingPath=https%3A%2F%2Fappriver.com%2Fresources%2Fblog%2Fjanuary-2020%2Fpowerpoint-malware-references-drake-lyrics-drop-lokibot-azorult%25E2%2580%25A6&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C0_281408%3A0%2C0_281409%3A0%2C0_281412%3A0%2C0_281413%3A0%2C0_281410%3A0%2C0_281411%3A0%2C0_281414%3A0
appriver.com/	1970-01-19 17:27:26	Name: drift_campaign_refresh Value: e7829717-cda7-4cf4-8154-473566749b21
.appriver.com/	1970-01-19 17:27:24	Name: _gat_gtag_UA_247764_29 Value: 1
.appriver.com/	1970-01-19 17:28:50	Name: _gid Value: GA1.2.564705638.1618044436
.appriver.com/	1970-01-20 10:58:36	Name: _ga Value: GA1.2.731396957.1618044436

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://appriver.com/themes/custom/zixappriver/js/main.js?v=1.x(Line 76) Message: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appriver.com
bootstrap.api.drift.com
cdn.polyfill.io
code.jquery.com
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
optanon.blob.core.windows.net
p.typekit.net
stats.g.doubleclick.net
targeting.api.drift.com
use.typekit.net
www.bugherd.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
100.24.186.63
104.111.234.67
151.101.114.109
199.30.234.249
2001:4de0:ac18::1:a:3b
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9d
2a02:26f0:6c00::210:ba2a
2a02:26f0:7100:295::19fd
3.224.7.114
3.94.218.138
52.0.189.149
52.203.96.188
52.222.179.11
52.239.137.4
54.192.210.116
00af24c0de7d1e5ffb36bf61a96abea287506d21771ddaa7de1c1ec723a55009
00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e
018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058
01b900fe24ac693e90b1b84b3997ff06bda6c701030b4a30024abb5a67fb2ac1
03be51173737fdb5d979dfd9736dbf9bca895c9c9b30f4d4b64e7e54975948ff
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
0e61bbf1fcf3573627de44aa6799cce3ed481ae1962ad7d98f9a996db96f8c8f
10504939833401b539099f2fe040c8346889db8387ada82330f1fc377bc2fc64
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
14ffae1f46d118d9c065d96f02ee4fa16061dbf1a7620957d9564b51289a4317
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1bab3880f653cc4d004c2012e94eed50909ba0a6cfd8540d5a5ffce7caf56c03
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
27ade4448213a70309ff4c8e6157e4a386d24af7c89abecb8df2cfd88fc65701
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
29a630cf5111901233f94887450c9fe9189ea23f6ba08c0e7c60629b3b85049e
2e6726a445d070701980a6ba5e452381f6a9cf2fb9265ae574b861c3f6c21612
2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175
322caa9e5fdb996a5afa9ef6283b3f0646c72c2add2f2540a82ac24e7c7d917a
330f669838be77a98c44d2f6549f8535ce664ae1593dbdb36d42f3f36e98c9d5
3388130914aa9782e9d5a20234f4dcd5055bd86a9a9ed579ab84a597107c3593
338a0aa671d44549b3059a89647224c19557e207430e7378abbfbfdb7a1c8a23
3dc4c8976917e48d271dc01b9cea9b0fd1b52811fb4a85ba5d807735b0312f5a
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
3fc05d56619f9c8c9bb02bbac38dffbd0616ba1b462b1ed9a342a86644fdd887
40cfa5321676ed075304f3dc3549eecc3c8ceece70111b190f1eeac432291bf1
41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e
41dc2d9b16f7d31dfbc105ac685bdef7ac934113d70842048735ecb98d93f40e
435bb425f7b99cbf0879f5c79bf7c85fe186831f9b7cd59ce912f80796e30e89
43661692d21cddb1129b99f9138bfe095a1494a236c4d8b58d0c764f57815d3b
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
45c6471f9b8d9a882dc0997d5f2582e6be47dce98d963383521ab6b480b46a31
475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2
477de7f62c5e4f36a105fbf424445ffde0c8a7e2263cc8a2d657d221d8a5898d
49768b3da5cf97cb82a6f3db73097011454b7cce09529bff08c9decb23b80254
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
4ab346b1d21f307629c9836a9f640965a400ab887fa4963417b6f301255267be
4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061
4e1216a3c268146f3c0f7de270620acee8acaf2ab775759d01c2793519351545
50765708bd9430e89e962b38ef89dc39c6cb8ca35856c7e82c3a0a74998e39f7
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
55232dd39e62d18f8a17fa1d3d2f48616c0c1a702a053a62e9289bacc00191d6
5a548f4f0fe598ab0e32909884865c4b244d8e8f1caf01a2678a7aa2f032dccf
5b159e6ef41dbba1dffa56e2a922733a81656a00324bcf82b9b0e48cd6af325a
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554
62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8
659c08a5799af9f14a52f5ee7544388c7a4ccf80d01c48dc3f7edd5513aa2dad
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
694010e3722a2e8575aef0c6684b60ceed96995a9558d56fbdf7ee7339cc0438
6990cc2a218b1513211f41a22ca6966159774ab8724207389715a03eeb39076f
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54
732ac3d1e0be45497ec275b2d9b3f926661e243a4d80da8240abfeaa5eee21bd
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb
7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90
7d73bb874dc57ce9e2b65f0f514a7b783cc4246fe70346b237743b1c152e542d
7e0f43d721b07d29d6310e31aa037a28371e3d85d5ad27592ab1daab3a589e54
80dd92890eb3b5cf2998f3141668bf956843764f1027e038df2dc80ce145bd8b
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f
84032290c735b0bebec42122484159b74abec3a11258b172e88c243addfe69b8
848e395b67c5a776114425ac9ea4cc4f809cdca2caf2685fd2f6a94eba4c7238
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b695f56517b6e927c365dfc1f09b6cedfafb869183074b0040399c4960a77c8
8bf26ae9373c49b3cc06b9efabfb0e4df1fcd615b97a655ae0ecd93ea85cc2d2
8e2c11562c4db62fcaa730cee623e84c9a205115de4bb13785cc434c152831da
9018c4c78b2c89ae030f975ba18c806a4b825d8b470e0f51cfc1327ae09723a7
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822
93b821d22cb2ce70cd11d8303fb7b2bd1ae0823baec282a8ae08e21550632594
94612244705355e1924213a1f6e001e0d06656dca057d82ee3b7f1ba0e5e18f2
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9db6b287d26113420992948384e1452ac263c8fbe1e0ce55d177b4fc5e05e301
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
a08a772c49fef577fd5e0a37663d6d010473be40763496bedb29cf77176bc7b8
a30bbe277414c9c710df300faa5b44d99e72377cd55476ad6562ac124d678536
a720a090101e698013011a9d951fa992ca6d948356759db34ed04f4695d6896c
a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce
ab027534ceb362f1414e210763531bbe768a19c9533a117c0d0f5f41878511d4
ab3f245ea1ff84ac1a4ee97d2bf88b1e56ec56f5dad70c1b73a105f2101c45a4
af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c
b05c21426d9a2999f3f7b48d494bc6dba7b4fba240d3eae1047c99116c075232
b16f119714d9dbe39af89d26b0545d10cfc34751216fded19ff68b2c5078a48b
b289dad9bc85f77885699d2e459240f314ecefb32d6f0dd5ae13afcabb03ca74
b46e0f428fdce40677abe43f33575023b1b2d87cc3285138bb06b253313a7665
baa1f0b24ae1516253650d1a3458b627463fcc70a01c86a15bafaa1a4c7c7045
bc35dc82205b91e84ff7eb9d74d8fc04412b4246d9edcbe7e8c4b43a954be541
c1b07ba41970108f5bf4ceb68230b11abe4028beedd8134b7e9c9a9e0010eb98
c4a8599757555a03484a229716b862a12de6a1c097f6264f2a0be56ebad2e2e4
c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0
c59b6b334d766ce34f1080f280e426fce7b0c31e98b95594cc2947bb7997ed75
c78289995801c3d4ec2f1f7b456df9fe89414c385e344b4426b32ec3fcd842ab
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
ca1b758f7a51e35fd5b191618de7c923f075d6faecbbd82ea2f6c0b0907765f9
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ccf3c4413cd84668a268612e463fdfd1ce9231a319a8c64d9b6240c8e3b2966c
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
d26516bbdbb417efc0b2f9d1af071b402e6057353e8a8ac6b972298a6d1dc545
d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858
d99dd4d581c7006eabeebac8e77dbeae96fbc430cfa28bfffa222f4348d17127
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
dc0fb547c3465ce7d3f9c8c532278d9466fcfe4b1477bb346c031f2f5da2fd88
dcdb22c649de0d33d65a202d01640250834ba056731b1379abf74e0235497667
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddb2daebb6efd8ffcf0340d8c52dcfbe2e716235c98ddc6ec92e8353f49397a9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfedea6b2e0237cfc559e282854a9ec1afe30dfb45e492447b134d6be359f275
e4c4c36d32676fdcda91de06b26d7dc8d66b03e198c0391a80ac8bd8df2b3431
e7c9610ec0d923171ec822d71c9b605456b690320a72f4546af38aedf87737a7
e8a680ead09d80d74ea14470a6308e2dcec48b7308baa6a914417a2af5b687a3
e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fc408eac229b6c8af6e076c9cc316208606bdf78e2b981d2215c1c050dbead5e
fc9e879da81f1bfe42bfefa7bd82064132ba23b00992a870eb9021d725cdbe6c
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd
ff310fb7f3399a67a4be790b014dfddb3b8e5178b2ca9fd93ee9a14543181e9f
ff825cd45eac63178665c8f0634486bd29a2c62a6069310334a1a02cde87bf63

appriver.com Open in urlscan Pro 199.30.234.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

162 Requests

100 %HTTPS

48 %IPv6

17 Domains

21 Subdomains

22 IPs

5 Countries

1316 kBTransfer

3772 kBSize

5 Cookies

10 Outgoing links

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

appriver.com Open in urlscan Pro
199.30.234.249 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

21
Subdomains

22
IPs

5
Countries

1316 kB
Transfer

3772 kB
Size

5
Cookies

162 HTTP transactions
6 data transactions