www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb02:66df:50b:6e56:a6bf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxe...
Effective URL:
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fW...
Submission Tags: falconsandbox
Submission: On September 06 via api (September 6th 2022, 10:22:14 pm UTC) from US — Scanned from DE

Summary HTTP 219 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 33 domains to perform 219 HTTP transactions. The main IP is 2a05:d014:275:cb02:66df:50b:6e56:a6bf, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.armorblox.com.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.

This is the only time www.armorblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	2a05:d014:275... 2a05:d014:275:cb02:66df:50b:6e56:a6bf	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2600:9000:205... 2600:9000:2057:3600:f:71f1:7280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
62	143.204.215.12 143.204.215.12	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	52.210.69.134 52.210.69.134	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.109 65.9.66.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	184.73.246.234 184.73.246.234	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:1ecd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.4.74 99.86.4.74	16509 (AMAZON-02) (AMAZON-02)
3 4	18.213.137.21 18.213.137.21	14618 (AMAZON-AES) (AMAZON-AES)
1	44.205.92.219 44.205.92.219	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.59.153.178 52.59.153.178	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.201.66 18.195.201.66	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
219	38

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

em.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2a05:d014:275:cb02:66df:50b:6e56:a6bf (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2057:3600:f:71f1:7280:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.215.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.69.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-69-134.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

176-xmj-030.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.94.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj27.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-109.fra56.r.cloudfront.net

api.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.73.246.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-246-234.compute-1.amazonaws.com

analytics.humanautomation.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ecd (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-74.fra6.r.cloudfront.net

epsilon-cloudfront.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.213.137.21 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-137-21.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.92.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-92-219.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.153.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-153-178.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.201.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	armorblox.com em.armorblox.com www.armorblox.com assets.armorblox.com	6 MB
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 13023	725 KB
8	6sc.co j.6sc.co — Cisco Umbrella Rank: 16308 c.6sc.co — Cisco Umbrella Rank: 23029 b.6sc.co — Cisco Umbrella Rank: 8700	13 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 14460 bootstrap.api.drift.com — Cisco Umbrella Rank: 15450	455 B
6	clickagy.com 3 redirects tags.clickagy.com — Cisco Umbrella Rank: 17107 aorta.clickagy.com — Cisco Umbrella Rank: 2942 hemsync.clickagy.com — Cisco Umbrella Rank: 14751	16 KB
6	marketo.com app-sj27.marketo.com — Cisco Umbrella Rank: 583850	144 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	61 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 1044 p.typekit.net — Cisco Umbrella Rank: 1273	138 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 894 www.linkedin.com — Cisco Umbrella Rank: 847 px4.ads.linkedin.com — Cisco Umbrella Rank: 6869	4 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 13573	33 KB
3	humanautomation.ai analytics.humanautomation.ai — Cisco Umbrella Rank: 846519	24 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3469	675 B
3	google.com www.google.com — Cisco Umbrella Rank: 19	675 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	315 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 775 d.agkn.com — Cisco Umbrella Rank: 929	1 KB
2	6sense.com epsilon-cloudfront.6sense.com	577 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 908	521 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	111 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 9132	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6777	6 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 885	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 826	227 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 725	707 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 12847	2 KB
1	storyblok.com api.storyblok.com — Cisco Umbrella Rank: 114029	23 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 18852	204 B
1	mktoresp.com 176-xmj-030.mktoresp.com	318 B
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 83880	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1614	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	80 KB
219	33

	Domain	Requested by
66	www.armorblox.com	em.armorblox.com www.armorblox.com cdn.bizible.com
62	js.driftt.com	em.armorblox.com js.driftt.com
16	assets.armorblox.com	www.armorblox.com
6	b.6sc.co	www.armorblox.com
6	app-sj27.marketo.com	www.armorblox.com app-sj27.marketo.com
5	www.google-analytics.com	www.googletagmanager.com www.armorblox.com
4	metrics.api.drift.com	js.driftt.com
4	aorta.clickagy.com	3 redirects cdn.bizible.com
4	cdn.bizible.com	www.googletagmanager.com www.armorblox.com cdn.bizible.com
4	use.typekit.net	www.armorblox.com use.typekit.net
3	analytics.humanautomation.ai	em.armorblox.com analytics.humanautomation.ai
3	www.google.de	www.armorblox.com
3	www.google.com	www.armorblox.com
2	bootstrap.api.drift.com	js.driftt.com
2	www.facebook.com	www.armorblox.com
2	epsilon-cloudfront.6sense.com	cdn.bizible.com
2	insight.adsrvr.org	www.armorblox.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	connect.facebook.net	em.armorblox.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	segment.prod.bidr.io	1 redirects www.armorblox.com
2	munchkin.marketo.net	em.armorblox.com munchkin.marketo.net
1	id.rlcdn.com	www.armorblox.com
1	stags.bluekai.com	www.armorblox.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	hemsync.clickagy.com	cdn.bizible.com
1	tags.clickagy.com	ws.zoominfo.com
1	c.6sc.co	cdn.bizible.com
1	secure.adnxs.com	cdn.bizible.com
1	ws.zoominfo.com	em.armorblox.com
1	j.6sc.co	em.armorblox.com
1	stats.g.doubleclick.net	cdn.bizible.com
1	api.storyblok.com	cdn.bizible.com
1	cdn.bizibly.com	www.armorblox.com
1	176-xmj-030.mktoresp.com	munchkin.marketo.net
1	px4.ads.linkedin.com	www.armorblox.com
1	www.linkedin.com	1 redirects
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	em.armorblox.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	www.armorblox.com
1	em.armorblox.com
219	45

This site contains links to these domains. Also see Links.

Domain
get.armorblox.com
docs.microsoft.com
www.youtube.com
www.linkedin.com
www.facebook.com
www.twitter.com

Subject Issuer	Validity	Valid
em.armorblox.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
armorblox.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
assets.armorblox.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
app-sj27.marketo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.storyblok.com Amazon	`2022-08-18` - `2023-09-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-16` - `2022-09-14`	3 months	crt.sh
analytics.humanautomation.ai Amazon	`2022-02-25` - `2023-03-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-13` - `2023-08-13`	a year	crt.sh
*.6sense.com Amazon	`2022-07-07` - `2023-08-05`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Frame ID: 08BF90E19CCECC6348B06A526086C417
Requests: 151 HTTP requests in this frame

Frame: https://app-sj27.marketo.com/index.php/form/XDFrame
Frame ID: E3F0BDCAEEAE95922510949EA9BF0649
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 536BE54289F0C793BFAD709CE02BE370
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 45A24B1E2B846AFE36C6A579E2EBDEF2
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
Frame ID: 673367CC2E742949DEC218F28F1AED3C
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blox Tales #11: Netflix Credential Phishing

Page URL History Show full URLs

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr... Page URL
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

219
Requests

98 %
HTTPS

40 %
IPv6

33
Domains

45
Subdomains

38
IPs

5
Countries

7224 kB
Transfer

16354 kB
Size

40
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://get.armorblox.com/email-risk-assessment
Title: Free risk assessment

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-worldwide
Title: Office 365 Exchange Online Protection

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCe1HUDYd6ZR4kwINgVWdRkA/featured

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/armorbloxinc/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/armorblox/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/armorblox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas= Page URL
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1662502928920%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252Fblog%252Fblox-tales-netflix-credential-phishing%252F%253Fmkt_tok%253DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&liSync=true&e_ipv6=AQIz8NRhG91u0wAAAYMU5YRZ12EwjE_-T6xEPlr421l75BX-usWxl3oSNBRgogaryjNSah1_

Request Chain 134

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:4ffc4455c6ad2e9a32e193476f53978a&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1662502930150&ip=185.213.155.168&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D217003104266004477537 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=217003104266004477537 HTTP 302
https://stags.bluekai.com/site/51557?id=c:4ffc4455c6ad2e9a32e193476f53978a&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

Request Chain 135

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

219 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=
em.armorblox.com/ 567 B
1 KB 624ms
453ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-OqCu8VxxjVWv5S5KT0VEk1Hu5ti8hAxZJJNK3KzIhKs=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 746a9a01bb106934-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-OqCu8VxxjVWv5S5KT0VEk1Hu5ti8hAxZJJNK3KzIhKs=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 06 Sep 2022 22:22:08 GMT
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: 9454479bc2a28157

GET
H2 200 Primary Request / Show response
www.armorblox.com/blog/blox-tales-netflix-credential-phishing/ 87 KB
22 KB 505ms
346ms Document
text/html 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e6789c3f84cf8ba2b48b19823374f0d9baca681c29b2480eb62565ec0cd34e73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://em.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 22:22:08 GMT
etag: "79e6de1b41e2e4817c434ec606e64e26-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCAEAZW2C4021VCG8JDNVVAQ
x-xss-protection: 1; mode=block

GET
H2 200 jvs4ixc.css
use.typekit.net/ 3 KB
956 B 69ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jvs4ixc.css

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 06 Sep 2022 22:22:08 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 724

GET
H2 200 webpack-runtime-c9e2067823e5179dd01f.js Show response
www.armorblox.com/ 5 KB
2 KB 118ms
111ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/webpack-runtime-c9e2067823e5179dd01f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b0e74f11cbda175479b1a9303c7fd4b5e88b73f1e5ee3dd6a9d353e7b00d0402

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07KHY4C6ETBY5661HT6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "2233f12fcdc667d5f314874f5c6bb025-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 framework-c35e70fad454c434ae6b.js Show response
www.armorblox.com/ 127 KB
39 KB 118ms
112ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/framework-c35e70fad454c434ae6b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07K3BP9W1VVW62P14T1
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a8a6863aa2bfc86f87e9f673e9b6f860-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 40272
x-xss-protection: 1; mode=block

GET
H2 200 app-2759e81c69034ed02618.js Show response
www.armorblox.com/ 60 KB
18 KB 125ms
119ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/app-2759e81c69034ed02618.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07MJ4C64BBK8QDDX4G9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "03b92a58bce8cd2566ab17b51cdad94a-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17962
x-xss-protection: 1; mode=block

GET
H2 200 styles-e9d24b1846c7d6eb9685.js Show response
www.armorblox.com/ 117 B
203 B 126ms
119ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/styles-e9d24b1846c7d6eb9685.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07MEMJM82D20JTZ99GV
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "4e47c94435c6f8cd7757b3c4c1c8a2f0-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 117
x-xss-protection: 1; mode=block

GET
H2 200 252f366e-878adcd77ff7fad27068.js Show response
www.armorblox.com/ 877 B
965 B 133ms
127ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/252f366e-878adcd77ff7fad27068.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07NXKD1AN4GJ7KYKD7C
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "21d00b364ad7be16fc01c26b9ad7b804-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 877
x-xss-protection: 1; mode=block

GET
H2 200 78e521c3-38c3d291d904954b5308.js Show response
www.armorblox.com/ 621 B
707 B 126ms
120ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/78e521c3-38c3d291d904954b5308.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07NB5WSABPD4G0PS230
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "68a21c67246d61f0b61b7ce94fc6b5c6-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 621
x-xss-protection: 1; mode=block

GET
H2 200 1bfc9850-747a3e29b4cec7049a2c.js Show response
www.armorblox.com/ 2 KB
1 KB 246ms
240ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/1bfc9850-747a3e29b4cec7049a2c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07NYZV88NRXN6B9W16V
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a039afcfeab1db594d24bf2f01be8170-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1169
x-xss-protection: 1; mode=block

GET
H2 200 ae51ba48-e6ed8a47419732d3a4f8.js Show response
www.armorblox.com/ 607 B
694 B 223ms
218ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/ae51ba48-e6ed8a47419732d3a4f8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07N6DQWC96KS85P5JPC
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "fffd344963cd70e183859062aae6db03-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 607
x-xss-protection: 1; mode=block

GET
H2 200 3d360dac-197c1f96ffca55a9d033.js Show response
www.armorblox.com/ 345 KB
89 KB 126ms
121ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/3d360dac-197c1f96ffca55a9d033.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07N0TT823HNVNNW08CB
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "31ad224a3d00395901ff5cfee45111b8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 91426
x-xss-protection: 1; mode=block

GET
H2 200 629e4ffc-1c5d96352745684bfb96.js Show response
www.armorblox.com/ 606 KB
296 KB 133ms
128ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/629e4ffc-1c5d96352745684bfb96.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07NHXM21NSZ56A69NKJ
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "c8bd496380c82e13d91c6a87324575f2-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 303021
x-xss-protection: 1; mode=block

GET
H2 200 31664189-21a22dc27022fc7662f7.js Show response
www.armorblox.com/ 2 KB
1 KB 329ms
324ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/31664189-21a22dc27022fc7662f7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07T378WC79DQACZ9PDX
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "951383096c4a29a407644a61a815a06f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1138
x-xss-protection: 1; mode=block

GET
H2 200 05bddfcc-cef3482026f07fef8c7f.js Show response
www.armorblox.com/ 217 B
304 B 135ms
129ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/05bddfcc-cef3482026f07fef8c7f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07TTFY3VY26KX1ZTJ7M
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "b1c7638ce050c9deddafb22cf07edca9-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block

GET
H2 200 a4c92b5b-570fdb38251a4efdf646.js Show response
www.armorblox.com/ 132 KB
31 KB 267ms
262ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/a4c92b5b-570fdb38251a4efdf646.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07T60GR32VQ69PJE3S6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "eb3f2f9c23f2fae56714fbab50feea47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 32085
x-xss-protection: 1; mode=block

GET
H2 200 d64684d8-61b9f5b8dac28b8c654b.js Show response
www.armorblox.com/ 505 B
592 B 347ms
342ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/d64684d8-61b9f5b8dac28b8c654b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V81J7DC53HJ9Q03H2
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "ffb7342c734dd147905c2ee3e46ece4c-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 505
x-xss-protection: 1; mode=block

GET
H2 200 e8975190-80cdbb1cdf9a33e66010.js Show response
www.armorblox.com/ 168 KB
18 KB 160ms
155ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/e8975190-80cdbb1cdf9a33e66010.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07T6DCSKH5TTY0Y9SNW
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "44a5ffba18976b48dd60af6be975146c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18256
x-xss-protection: 1; mode=block

GET
H2 200 commons-14d81e1dbffecad90341.js Show response
www.armorblox.com/ 186 KB
61 KB 246ms
242ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/commons-14d81e1dbffecad90341.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6d0decb208aacc8efe0fe00dc6abc7f7757cbc322c67b3502405372f7c76f454

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07T75GQ003PVYBPYWX9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "2bf65f9dc2d9bfc16c61a5fb0810f039-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 cb2850d0e5c937a7e805dcf7085da3aca12fa612-8918755f8b8a53560ee4.js Show response
www.armorblox.com/ 1 MB
369 KB 251ms
247ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-8918755f8b8a53560ee4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cd17c503ff52240716f40375536f8b03e2c8cb29ac5db8dabd6097ffd04821b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V3PPEGRQPCMQF44V4
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "7d86f5b12eeedf04b7785e9584c28b54-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js Show response
www.armorblox.com/ 1 KB
674 B 168ms
164ms Script
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07TE1BF0ZM6TPTXDEPS
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/ 29 KB
8 KB 323ms
319ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/page-data.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

faf4b0ce76a2c2f770d1bbe0d58ec28708372f389199ae21171904aa123802fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V58MYACV94EZTM82Q
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "36f8c8b4f831f346317631608b011912-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 1199463856.json
www.armorblox.com/page-data/sq/d/ 2 MB
393 KB 330ms
325ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1199463856.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

da6baf66efe6b0bb10d5d61ce8ada7cb407b08176adbdbc83fc2c24603a335b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V8KET9NA3P0898NEE
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "3c3214d77bf54faee71fcd4d72c434da-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 401629
x-xss-protection: 1; mode=block

GET
H2 200 1347410642.json
www.armorblox.com/page-data/sq/d/ 34 KB
6 KB 292ms
288ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1347410642.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5ae51715f171353bce36ceb68d3a42a1fd3b482f90f1bb8015e96249703a3d0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VGBRWKGTA80VS1Y21
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "fcabbf05a46efe2962809341d5b88b37-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5954
x-xss-protection: 1; mode=block

GET
H2 200 1764408108.json
www.armorblox.com/page-data/sq/d/ 148 KB
36 KB 223ms
219ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1764408108.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07TVFYN763B6W64T10Z
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "c45e2dde85c36b6ef33ae9ed7634b313-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36567
x-xss-protection: 1; mode=block

GET
H2 200 1832314599.json
www.armorblox.com/page-data/sq/d/ 149 KB
36 KB 234ms
230ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1832314599.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VSGWR4ENBABKM6DQ9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "47e9bdd8f6d48a971190f3f8b959ab3c-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36675
x-xss-protection: 1; mode=block

GET
H2 200 2204046486.json
www.armorblox.com/page-data/sq/d/ 43 B
130 B 245ms
242ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2204046486.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07THTT3FCHSSXEZMHBN
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "7a24ccbfda83f0e7500f61ee8c02de4a-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 2493646278.json
www.armorblox.com/page-data/sq/d/ 422 B
509 B 272ms
269ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2493646278.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VNAMT9FQMK5NJ9VDH
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "abaa6108b4739bc00b6bc939a40bb9b7-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 422
x-xss-protection: 1; mode=block

GET
H2 200 2732447379.json
www.armorblox.com/page-data/sq/d/ 63 KB
17 KB 166ms
162ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2732447379.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dec242252fc47bcb570398d348fb210a95b8d6bb35212b95fe6025bdd4cc0753

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VY5M6TF4C1GDCSS1P
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "99da3cbbebd511508ce72262976ccf74-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17693
x-xss-protection: 1; mode=block

GET
H2 200 2932681485.json
www.armorblox.com/page-data/sq/d/ 70 B
167 B 137ms
134ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2932681485.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VB6M829H97Q2Z1892
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "3cecab4f00ff69d710bf2664e4e24ff4-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 70
x-xss-protection: 1; mode=block

GET
H2 200 3040308473.json
www.armorblox.com/page-data/sq/d/ 2 MB
385 KB 224ms
221ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3040308473.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a3fe3e3fa4d472012211a457c748c8e0d9428b9515990f3b02e487e0355ae9f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07TS04KP3MB89C8QTFP
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "981a80799de52973310a835871087784-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 394098
x-xss-protection: 1; mode=block

GET
H2 200 3323934922.json
www.armorblox.com/page-data/sq/d/ 590 B
678 B 345ms
342ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3323934922.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V1WXA7TJ5WXT9CC1D
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "3962cda75141ac7d71585dd135b5f385-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 590
x-xss-protection: 1; mode=block

GET
H2 200 3447689480.json
www.armorblox.com/page-data/sq/d/ 3 KB
654 B 236ms
233ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3447689480.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

44c9f5c2ef482cd0f04a211388a69a200e332f270d5dde8e34dcad6f7c537ac5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VEY4TA4VR9W7CQK74
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "2dafc41d540b3b057e18c609e6243834-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 565
x-xss-protection: 1; mode=block

GET
H2 200 3475154746.json
www.armorblox.com/page-data/sq/d/ 40 KB
7 KB 272ms
270ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3475154746.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1408a58e72cc108539e01e626e09a19297144341502dedebd8e18303b81d630a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V9V47RA0AFC566C2M
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "dedb9fa2517ce825fcd75ee12ee88805-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6921
x-xss-protection: 1; mode=block

GET
H2 200 3627728446.json
www.armorblox.com/page-data/sq/d/ 31 KB
5 KB 223ms
221ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3627728446.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

92077f7154fedc3384240177f2926bf3a2d035d45302cd8972f290ff657bca0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VYEM1VDR9BE6XQ7Y6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "8987c52e261eb21b8369fc09927fb637-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5289
x-xss-protection: 1; mode=block

GET
H2 200 4183231755.json
www.armorblox.com/page-data/sq/d/ 2 MB
384 KB 233ms
231ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/4183231755.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1ce5dc4d7098d860c1e272401aff9bcf207a0827f049037fe5b0a8f8e712a277

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07VCX0NY7BAW459CK44
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "296d91181dc58e463bafe4b73b100519-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 392858
x-xss-protection: 1; mode=block

GET
H2 200 app-data.json
www.armorblox.com/page-data/ 50 B
136 B 136ms
134ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/app-data.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

745b1d42a7824f889c4e4b453e2e76802c64753d29747d484b079c76f6868f6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB07V3GCQGJTA68E90SAR
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 0
etag: "667f947378aec71ed9052d06341df726-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 netflix-credential-phishing-thumbnail.png
assets.armorblox.com/f/52352/960x540/e0bf661e4a/ 14 KB
14 KB 544ms
483ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/960x540/e0bf661e4a/netflix-credential-phishing-thumbnail.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:46:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "8dcae63f6b2ce11aab0826f4d2c7b5b1"
x-cache: Miss from cloudfront
x-amz-version-id: .vOlEhmLX3cqBdKZiYKFNJ7u.yfR8MJ1
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 14061
x-amz-cf-id: ferSR8YeDmKkGO427Q1FBVXEhUTqrW9Gd5LBcZw0O2pfcoLN_kfd7Q==
expires: Wed, 21 Jul 2021 00:46:35 GMT

GET
H2 200 netflix-credential-phishing-attack-flow.png
assets.armorblox.com/f/52352/1268x714/6b240e7a2c/ 614 KB
616 KB 550ms
489ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1268x714/6b240e7a2c/netflix-credential-phishing-attack-flow.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 17:10:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "7f881f9c345e5f6bda3d2df2cab07d98"
x-cache: Miss from cloudfront
x-amz-version-id: N3LBHMPyBQ45gXSgeMaivGJxGHx5MYyn
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 629164
x-amz-cf-id: C5wPmO1Gomt4KpZjF7WwpL-wFZrapQADkLfMtM_E1LCgl6qxy1Z7VQ==
expires: Wed, 21 Jul 2021 17:10:36 GMT

GET
H2 200 netflix-phishing-email-body-final.png
assets.armorblox.com/f/52352/545x482/5f2f64ad57/ 59 KB
59 KB 528ms
467ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/545x482/5f2f64ad57/netflix-phishing-email-body-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 17:12:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "1062ea047b3530f590943c24444d9a43"
x-cache: Miss from cloudfront
x-amz-version-id: apuSvUMscZh5xlJJoQqsKLKFj7IuaFVe
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 60055
x-amz-cf-id: v-LjS_h5dS7_466Tn49EUSZJpVut8baO2wzeWsvNzTUNwgPP0Q-Z1A==
expires: Wed, 21 Jul 2021 17:12:46 GMT

GET
H2 200 netflix-captcha-final.png
assets.armorblox.com/f/52352/529x384/bd43a21fb5/ 16 KB
17 KB 489ms
429ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/529x384/bd43a21fb5/netflix-captcha-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:30:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "f2bda5ffcf60436a21cf705eb9307035"
x-cache: Miss from cloudfront
x-amz-version-id: y1qdSGVHKj7dI8cCfD9rWrqpcV03It0h
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 16669
x-amz-cf-id: 7vdYowlbbB6XSXLa5NAuvNbHOV6Ox0JOmi5nuTosV87k6JBSb-IjXA==
expires: Wed, 21 Jul 2021 00:30:13 GMT

GET
H2 200 whf-netflix-final.png
assets.armorblox.com/f/52352/652x386/c54ef09c4a/ 271 KB
272 KB 509ms
448ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/652x386/c54ef09c4a/whf-netflix-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Rz_dbCl_tOV6lHxc91krFoUvDbgnHOV9
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag: "b38d57f5d5f89e267d65acf88c7b5756"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 277779
last-modified: Tue, 21 Jul 2020 00:31:53 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 22:22:10 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3Xe3RV6kv9o1rHjqpY1wzKI-8kwTrR6kmsZSrPcEH9G9i5kGgkMLJw==
expires: Wed, 21 Jul 2021 00:31:52 GMT

GET
H2 200 netflix-whois-record-final.png
assets.armorblox.com/f/52352/788x285/980a1d052e/ 118 KB
119 KB 526ms
466ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/788x285/980a1d052e/netflix-whois-record-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:32:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "d4f343a124ac5ae993e8e8de4400be16"
x-cache: Miss from cloudfront
x-amz-version-id: 9uc3a_H6HiOlHiMt25FkuqoCV2I.EItW
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 121252
x-amz-cf-id: RXT5er4Z3jLxuY3w4ckugWLIwMAe8GjTUsDQRhgfH20VIqW8nGxmJA==
expires: Wed, 21 Jul 2021 00:32:48 GMT

GET
H2 200 netflix-login-page-final.png
assets.armorblox.com/f/52352/897x571/c0ad2de7a6/ 754 KB
756 KB 469ms
468ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/897x571/c0ad2de7a6/netflix-login-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:34:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "7dca10e7ab25a2af58236bb2dfa07ed5"
x-cache: Miss from cloudfront
x-amz-version-id: pdYFfaE5C0swNock1MTONhOZDqg0nPoF
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 772088
x-amz-cf-id: fgxUGN7Ewku5UlXKHMj9lCN-EZOBHyPOEZ0oIluXViTP-py2cG-alw==
expires: Wed, 21 Jul 2021 00:34:11 GMT

GET
H2 200 netflix-billing-address-final.png
assets.armorblox.com/f/52352/712x571/1cc07c523f/ 597 KB
598 KB 452ms
452ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/712x571/1cc07c523f/netflix-billing-address-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:35:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "ce9df454bfb392c214af5eea697c23e3"
x-cache: Miss from cloudfront
x-amz-version-id: MBHkMX85oXVIAIbCtsBCqexfhObTnqga
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 611556
x-amz-cf-id: A09ymJpBaYNkLEw0pfAT-VQJkgieelc_FC-fb2Ag-me3QWMUV8G_Lg==
expires: Wed, 21 Jul 2021 00:35:05 GMT

GET
H2 200 netflix-payment-page-final.png
assets.armorblox.com/f/52352/724x571/572b19b667/ 629 KB
630 KB 463ms
463ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/724x571/572b19b667/netflix-payment-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:35:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "b03879bb786edf619e3d2e29669ce9bd"
x-cache: Miss from cloudfront
x-amz-version-id: n_VELHOt79bd3wBynyxWjDdRZKcrdDuD
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 643885
x-amz-cf-id: d76rkXlpi2EuXFupFfvBjmlhpzJa1zhhLN_YIa7cTm807DqP90kpoA==
expires: Wed, 21 Jul 2021 00:35:36 GMT

GET
H2 200 netflix-email-header-final.png
assets.armorblox.com/f/52352/1254x304/fec1a461f7/ 66 KB
66 KB 426ms
426ms Image
image/png 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1254x304/fec1a461f7/netflix-email-header-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jul 2020 00:37:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "9888c591dc6602beefc051dc460d1f52"
x-cache: Miss from cloudfront
x-amz-version-id: jbRGS7ZU.D8H2ZJ3rjQDOgFnCbGCgpqU
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 67299
x-amz-cf-id: p5SuXdodCoM1F1nJ6OcAfWPl5MKr8aTz6jxYayaWo5S97kNEfSp4eA==
expires: Wed, 21 Jul 2021 00:37:31 GMT

GET
H2 200 youtube.svg
assets.armorblox.com/f/52352/x/7453252d4c/ 704 B
1 KB 418ms
418ms Image
image/svg+xml 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/7453252d4c/youtube.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: lbRkzmHrb2xeGv_ziOr8RkpI_LZPvXwB
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag: "657583ff2e768183a5fb64fb0b9e7d2f"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 704
last-modified: Thu, 24 Jun 2021 18:08:06 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 22:22:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ialjb8sdWWQCPtA_skDbnvJj91jl7ft9ZiGdEPnH8z2f0V_DBApcwA==
expires: Fri, 24 Jun 2022 18:08:05 GMT

GET
H2 200 linkedin.svg
assets.armorblox.com/f/52352/x/155bd1c707/ 812 B
1 KB 399ms
398ms Image
image/svg+xml 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/155bd1c707/linkedin.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: XsESDOX82cYk.RLqQtoILFecu6jiFmP.
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag: "21ef1437b68ac009fef5345d7e32ab29"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 812
last-modified: Thu, 24 Jun 2021 18:07:38 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 22:22:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EXjreKkh5Ir-e1MdmI6zrs89dnJhArs_JKrJ6DsNMzniyJFvJs9-cw==
expires: Fri, 24 Jun 2022 18:07:37 GMT

GET
H2 200 facebook.svg
assets.armorblox.com/f/52352/x/64fd04f4ec/ 534 B
1006 B 418ms
417ms Image
image/svg+xml 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/64fd04f4ec/facebook.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: qiC.VGaumdHq7VFjbEBar5PwE9WXg5jm
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag: "49954fbdf18ba81327981eab1758dc55"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 534
last-modified: Tue, 29 Jun 2021 00:30:31 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 22:22:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Xurcksl6XRHdDBhTWUr_4DYMDHhsgb2Uz5Al3QSuNCb2-aEj0ACAug==
expires: Wed, 29 Jun 2022 00:30:30 GMT

GET
H2 200 twitter.svg
assets.armorblox.com/f/52352/x/e0446ad765/ 963 B
1 KB 417ms
416ms Image
image/svg+xml 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/e0446ad765/twitter.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NfDoMuB.euKHPI_VkVpl9j.6PBlb08gC
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag: "a289a62d76fd458b5967482c532773c9"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 963
last-modified: Thu, 24 Jun 2021 17:59:33 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 22:22:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: urNCZhi8rrXZEFCHIQtwAuwjzYWax9sJv0ZVUVbho-rhLbOc10amVQ==
expires: Fri, 24 Jun 2022 17:59:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
80 KB 145ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c8f7baebc0c5e938fb7db6f78d117f087fddbcb2953ef9d58fa13b92110bd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81385
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:08:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Sep 2022 22:22:08 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 341 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 57ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jvs4ixc&ht=tk&f=17001.17005.22622.22658&a=85898256&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 06 Sep 2022 22:22:08 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/ 46 KB
47 KB 40ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
server: nginx
etag: "3a10c5262b240475e5bca5e7da48ec50b8a32efc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47364

GET
H2 200 l
use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/ 48 KB
48 KB 36ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
server: nginx
etag: "c8259a14b519552d38e884fd3c99e38df688eca8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48668

GET
H2 200 l
use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/ 43 KB
43 KB 32ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
server: nginx
etag: "deedb6e32ad5c2c4c06c04c78a4e7af1ce7e86a4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43648

GET
H2 200 logo_color.svg
assets.armorblox.com/f/52352/775x159/8fa6246e47/ 5 KB
2 KB 393ms
392ms Image
image/svg+xml 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/775x159/8fa6246e47/logo_color.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: mz7FuZyYU2Vi0U2XIKm7_i5TkImigldk
content-encoding: gzip
last-modified: Tue, 22 Jan 2019 17:30:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"bd9097047e005ccf1fd3c513042585c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public; max-age=31536000
date: Tue, 06 Sep 2022 22:22:10 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: -kMtusB3I988gIIrqQ2w5TYjefP_yN83K5Rm-NKS-aSY79lCX_9-yw==
expires: Wed, 22 Jan 2020 17:30:47 GMT

GET
H2 200 abhishek-photo.jpg
assets.armorblox.com/f/52352/720x960/f3b816ebbc/ 79 KB
80 KB 444ms
444ms Image
image/jpeg 2600:9000:2057:3600:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/720x960/f3b816ebbc/abhishek-photo.jpg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3600:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Wed, 05 Feb 2020 00:27:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "0525b55370c4b740b0923fbab23957db"
x-cache: Miss from cloudfront
x-amz-version-id: Qe8uGuGaixjXrZwpkfil0TFqIk07FO1j
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 81210
x-amz-cf-id: 41f1GO0tiZTko9wTvfHEiJTKm0WR-0mrTXSatP9hd7WZ6fwb3e-99w==
expires: Thu, 04 Feb 2021 00:26:59 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 37ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41224
accept-ranges: bytes
content-length: 3063

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 103 KB
41 KB 144ms
52ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-P34TZX3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61f370d8b0f37f7515730401a7f1043447899225ce45ff4e55f878696511f186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41152
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:08:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Sep 2022 22:22:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 135ms
44ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Sep 2022 22:22:08 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 31ms
8ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 22:22:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 21:55:11 GMT
Server: AkamaiNetStorage
ETag: "652cf747f68f64e15276c347eb3aef37:1661464511.126488"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 740

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 56ms
6ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 22:12:11 GMT
server: ECS (frb/67D4)
age: 4031
etag: "e9e19fb9cfb8d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 ikk2zzg7t3aw.js Show response
js.driftt.com/include/1662503100000/ 211 KB
60 KB 172ms
132ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1662503100000/ikk2zzg7t3aw.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

58fb907b1dae335e344d5701d74c333a4a4792f9c7a83789e02f02089d199168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:23:54 GMT
server: nginx
etag: W/"bc71b7869279b01fc51fdc51af940b5e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0sriocF4WN07Hm2ZGmHfXq6eJt2Gqm6
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E8gl9lpikFsp8FpVjSnzkQChuO-jwthose19vh5u9iAAmpzD-n6Ltw==

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 79ms
30ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
last-modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx0000000000000865f9422-0063167a8b-3ade62ea-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1662502928.dop125.am5.t,1662502928.cds313.am5.hn,1662502928.cds122.am5.c
content-type: application/x-javascript
cache-control: max-age=519419
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5673

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

43 B
793 B

32ms
32ms

Image
image/gif

52.210.69.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

52.210.69.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-69-134.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 06 Sep 2022 22:22:09 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Date: Tue, 06 Sep 2022 22:22:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 15ms
15ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 22:22:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4677
Expires: Thu, 15 Dec 2022 22:22:08 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGB...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1662502928920%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGB...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAG...

0
265 B

198ms
168ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&liSync=true&e_ipv6=AQIz8NRhG91u0wAAAYMU5YRZ12EwjE_-T6xEPlr421l75BX-usWxl3oSNBRgogaryjNSah1_
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 854D4E1DBD3B4848969BE714871D09EC Ref B: FRAEDGE1510 Ref C: 2022-09-06T22:22:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoCaCPr4Ls/nUuKn+2bw==
x-li-fabric: prod-ltx1

Redirect headers

date: Tue, 06 Sep 2022 22:22:08 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B8BBAC2FC4774710BC03A48AFFF57210 Ref B: FRAEDGE1506 Ref C: 2022-09-06T22:22:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1662502928920&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&liSync=true&e_ipv6=AQIz8NRhG91u0wAAAYMU5YRZ12EwjE_-T6xEPlr421l75BX-usWxl3oSNBRgogaryjNSah1_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoCaCM2V2a1c6deq6G9Q==

POST
H/1.1 200
OK visitWebPage
176-xmj-030.mktoresp.com/webevents/ 2 B
318 B 843ms
169ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://176-xmj-030.mktoresp.com/webevents/visitWebPage?_mchNc=1662502928938&_mchCn=&_mchId=176-XMJ-030&_mchTk=_mch-armorblox.com-1662502928937-88305&mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&_mchHo=www.armorblox.com&_mchPo=&_mchRu=%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fem.armorblox.com%2F&_mchQp=mkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 22:22:09 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 02aad75a-69c7-4491-b54d-7487a82ec8b3

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
328 B 8ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fem.armorblox.com%2F&_biz_h=-1906410348&_biz_u=ddc7c1df9b80478bf9f19f68f457a7ae&_biz_s=5b7a98&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&_biz_t=1662502929003&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&_biz_n=0&rnd=580967&cdn_o=a&_biz_z=1662502929004
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
last-modified: Wed, 31 Aug 2022 14:12:01 GMT
server: ECS (frb/6760)
age: 547808
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 32ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=ddc7c1df9b80478bf9f19f68f457a7ae&_biz_s=5b7a98&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&_biz_t=1662502929005&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&rnd=720105&cdn_o=a&_biz_z=1662502929005
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
last-modified: Thu, 01 Sep 2022 23:58:26 GMT
server: ECS (frb/67C2)
age: 426223
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
526 B 116ms
116ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=ddc7c1df9b80478bf9f19f68f457a7ae&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 2c889357a4fb8053f39e4bb64bceead692b515108466b99160120735d40946a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:08 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: 9A1CB786
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 218

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 3 KB
2 KB 175ms
90ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1662502929058&cv=9&fst=1662502929058&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=177903264.1662502929&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

531b92c4a3853318bd939dfcbf763e0d9441e52a54b821f7b6040b4fb4a1c7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1197
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4809
date: Tue, 06 Sep 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 06 Sep 2022 23:02:00 GMT

GET
H2 200 u
cdn.bizible.com/m/ 43 B
121 B 7ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A176-XMJ-030%26token%3A_mch-armorblox.com-1662502928937-88305&_biz_u=ddc7c1df9b80478bf9f19f68f457a7ae&_biz_s=5b7a98&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&_biz_t=1662502929006&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&_biz_n=1&rnd=863335&cdn_o=a&_biz_z=1662502929342
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
last-modified: Fri, 02 Sep 2022 00:00:25 GMT
server: ECS (frb/6776)
age: 426104
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ 208 KB
69 KB 283ms
27ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-8918755f8b8a53560ee4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:49 GMT
server: cloudflare
age: 6666
etag: "1000584-33e56-5e7317402cd22"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 746a9a0e1c365c38-FRA
expires: Wed, 07 Sep 2022 02:22:09 GMT

GET
H2 200 stories Show response
api.storyblok.com/v1/cdn/ 67 KB
23 KB 38ms
10ms XHR
application/json 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.storyblok.com/v1/cdn/stories?token=Qd69ZOZO6sHj2uVQzEsu3gtt&by_uuids=c30cefe9-d11f-4511-9958-5e9a0879a791,623ef6b2-4f7f-4901-9a02-55f797403c9e,f673115e-dd13-4409-9ba6-bc1025704c0b,bb1bb925-f90d-4afd-9e42-ba46883b8ece,c65903fa-9042-472f-b942-6d8fd4c4c0e9,711ed5f7-c3b1-4e20-b751-184bc4811c8a

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-109.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:18:27 GMT
total: 6
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 72222
x-cache: Hit from cloudfront
per-page: 25
content-encoding: gzip
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
x-request-id: db224da3-c87a-4361-92db-e1f602fba7af
x-runtime: 0.034247
access-control-allow-origin: https://www.armorblox.com
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"42a8f795eb7183f35ebfa83536ce0c6b"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
access-control-expose-headers: Api-Version, Token, Total, Per-Page
cache-control: max-age=0, public, s-maxage=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
link
x-amz-cf-id: 6toHlinmaep5wN3a_VbeIrfqO4YxrIpx8cjR4yjyHejuspGgen6F0w==

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 0
5 KB 117ms
116ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YNVYDWVYKSJKGAGCRX
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "4fc50f0f95e1948ef94205fe1b58c459-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 0
9 KB 230ms
229ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YNN2GSS5JYKJEZTY30
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "b37273e67e26037224c33cd386468613-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/financial-services-email-security/ 0
11 KB 231ms
231ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YNT41HQW1CCSEJRXR8
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "5a04213456ebd4004399694ac16f141b-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/data-loss-prevention/ 0
11 KB 216ms
215ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YNH7GH1VBH90ZE92TG
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "c3e474c1a1e4c4176592f17693b9f7ad-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/education-industry-email-security/ 0
11 KB 230ms
228ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YPPT9QYH4T9Z7CCD19
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "e385c26b86a55da29547102c77396d06-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/email-account-compromise/ 0
11 KB 256ms
254ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YPSCHZM3Z8Z8Q3XSCG
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "29f80f8046afcb580dd5bc6326017691-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/google/ 0
9 KB 202ms
201ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YPBXRDCN4G6N4KN2J3
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "d801eb99fce69a068767fce0bdef3807-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/ 0
5 KB 10ms
9ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YPHXRDSHSKS57GYVN6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 5990
etag: "1fb4f31d4f336d4405441d13a63c333d-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 20:42:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5384
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/executive-impersonation/ 0
12 KB 235ms
234ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YQ297H5YXEB4KADXTD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "e5f694dcdeb844dbeca44128b1edad0f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 0
11 KB 247ms
246ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YQRX0NM845YDWMYEN8
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "7dcbc75b09100c0712b269f30b27a91c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/business-email-compromise/ 0
11 KB 249ms
248ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YV1YCBHNR2ZTPDAY3F
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "74181ad0b35bdddf641b3182664ac8ef-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/microsoft/ 0
10 KB 207ms
206ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YVRZ5E3PM3YR8ES1ZG
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a572850c1984766f797ccba0b13ea8ad-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/customers/ 0
10 KB 119ms
119ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YW78RM04JGATNP02Y2
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "55ff219d9dd1880cd1f229613b5bec06-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/healthcare-email-security/ 0
11 KB 286ms
286ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YW7HD6FVTX9NJ88QHX
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a1cb1e0fe45b108612569d954fb48b19-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/index/ 0
10 KB 171ms
171ms Other
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0YV8GJY2Z9ND6T6SWYD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "37d3ecfc0b9bfb92816d8aed9386b095-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9915
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103936869-1&cid=1536746525.1662502929&jid=840094096&gjid=1925732274&_gid=1842630909.1662502929&_u=YGBAiEABRAAAAE~&z=1743954510

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Sep 2022 22:22:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.armorblox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=426283102&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABR~&jid=840094096&gjid=1925732274&cid=1536746525.1662502929&tid=UA-103936869-1&_gid=1842630909.1662502929&gtm=2wg8v05DM95KB&z=1153584008

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3379
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
548 B 139ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1662502929058&cv=9&fst=1662501600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=2736347579&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
548 B 139ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1662502929058&cv=9&fst=1662501600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=2736347579&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/ 19 KB
5 KB 13ms
13ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c47885d909730a86362cf3a01eeeedaaf143ab5795d038ffe7c8f5c2481a2eb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB0Z888389XMACSS72G2N
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 5990
etag: "1fb4f31d4f336d4405441d13a63c333d-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 20:42:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5384
x-xss-protection: 1; mode=block

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 45ms
12ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 00:01:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623bb4eb-7b41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9853
expires: Tue, 06 Sep 2022 22:22:09 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 3 KB
1 KB 211ms
130ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1662502929393&cv=9&fst=1662502929393&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=177903264.1662502929&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea6499767f3478ff2effc74c96178f6a602bda3f86257b2fd49772ab32b77bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: Uac7+66FiPaWSo0cO2upKwuXKyl1NVfD1931YfdnZ0IbYbfkrCyZu8o3MirK5zkHGSXoLDWP+xTIQwSfc8aANA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ha-analytics.js Show response
analytics.humanautomation.ai/ 61 KB
20 KB 490ms
211ms Script
application/javascript 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.js
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 02:05:24 GMT
server: nginx/1.20.0
etag: "f3dd-5e5d97b5e6100-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20312

GET
H2 200 ha-analytics-form-tracking.min.js Show response
analytics.humanautomation.ai/ 10 KB
3 KB 385ms
107ms Script
application/javascript 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics-form-tracking.min.js?v=1662502929395
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 02:05:24 GMT
server: nginx/1.20.0
etag: "2993-5e5d97b5e6100-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3273

GET
H2 200 4MreV1Ai7H5ui5ARpnnT Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 178ms
148ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

09b1ebea3f3c5a5dbbb80550b44130fede081550ad8551bcc5565c96189951f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 746a9a0ced2d6925-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 173ms
61ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb0d3c853b1ace6ba4878f1e6583a6db4f4b2760001381e52aeda1dc18a61fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 06 Sep 2022 22:22:09 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=426283102&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=1536746525.1662502929&tid=UA-103936869-1&_gid=1842630909.1662502929&gtm=2wg8v05DM95KB&z=754038680

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3379
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 97ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:cg0zq4c&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 40ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:g19hf38&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
www.armorblox.com/ 0
754 B 9ms
8ms Other
application/javascript 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB100P4HQDVG4XEVC0G5T
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 1
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:08 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H3 200 212326003800453 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 145ms
135ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212326003800453?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab5b53f9f458bac6646c9e4066f24da04cbffcf63c247ef370f2674c545598bc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: c0bafjDI6AhFa1CZRj36BmtHpHmPvBIV1sF00N5Rv/YMvbRvMzzVB3lwkcachGttR5fmaI7DGw8qlhLMf6SoSw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 142ms
53ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=1536746525.1662502929&jid=840094096&_u=YGBAiEABRAAAAE~&z=1405940365

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 143ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=1536746525.1662502929&jid=840094096&_u=YGBAiEABRAAAAE~&z=1405940365

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
707 B 26ms
6ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 22:22:09 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d8283688-e10e-4956-8391-3545f6045000
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.armorblox.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 16ms
6ms XHR
text/html 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 312ms
304ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A09%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=4e208f41-9b97-4dac-8605-3a99209eaf97&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 18 KB
5 KB 8ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

41be1e5d726d33f48ddde6e069e3591296761299805c28778670ffdb911be3bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB12BBJMEPBY6JKCQQDXM
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "4fc50f0f95e1948ef94205fe1b58c459-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4965
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/customers/ 41 KB
10 KB 7ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e9157bb9aec01610d3ad09a20de06d6757eaa9b5de052957cc5738778ff27c8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB12GP5X92M0N75CDPAM4
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "55ff219d9dd1880cd1f229613b5bec06-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10336
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/index/ 41 KB
10 KB 18ms
18ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

baea9398b8d979a13e8ab5f7f9cf0947138ff7ca6f33b85fe6d4be4d24164243

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB1444PDZN9A8N6NK4HWP
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "37d3ecfc0b9bfb92816d8aed9386b095-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9915
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/google/ 36 KB
9 KB 8ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8a856136ed58b366d191b7ce610961d832cfa6425dc907063aa3ead0813be7ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB152SMMSG4Q7BJ1Y3DGF
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "d801eb99fce69a068767fce0bdef3807-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9366
x-xss-protection: 1; mode=block

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 48ms
19ms Script
application/javascript 2606:4700::6812:1ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f036563446cf05e238dc8eba66197fd0e3acd75f906eb7417760b847a71699c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
age: 77757
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Fri, 22 Jul 2022 16:26:09 GMT
server: cloudflare
etag: W/"6a28c0e399c6dfbaad6af28ce1c365da"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 1Nhx_Y67e6VXTMzzl68Z79su8AQ8v6Fp
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
cf-ray: 746a9a0e0a0b6961-FRA
x-amz-cf-id: RgdFxQAo8QyGtnM1GG4l5qhPLWQs30Yq0F_ZDaWoQhZA3Y13O4Y3yw==

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/data-loss-prevention/ 41 KB
11 KB 8ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6b2c465f4a692eb9a1d02b3d5145972f4b47d52984606049331adc0813e48387

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB15Q2SV240VRA56SX5HP
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "c3e474c1a1e4c4176592f17693b9f7ad-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11417
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/education-industry-email-security/ 41 KB
11 KB 8ms
8ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0128ea44bc576958fb5fae7170ba6ff223ade2bc2526a4e650edd99fba94f92c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB15Y2FEF47PCFQFGFK2M
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "e385c26b86a55da29547102c77396d06-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11189
x-xss-protection: 1; mode=block

GET
H2 200 details Show response
epsilon-cloudfront.6sense.com/v3/company/ 431 B
577 B 34ms
14ms XHR
application/json 99.86.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon-cloudfront.6sense.com/v3/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-74.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 507670a9c3b08c1e6a5ee1657bac6d0deb7862accb1ff090c2050b70104192c3

Request headers

Authorization: Token feeee1c1b8e5fdaa6744704973e2bdfb76df296b
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
content-length: 235
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: Q6qxlAJAvsLOQddZTW8zaPQv40WETAYI8q0zyPOltLu48eVIZR4Asw==

OPTIONS
H2 200 details
epsilon-cloudfront.6sense.com/v3/company/ Frame 0
0 49ms
16ms Preflight 99.86.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon-cloudfront.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-74.fra6.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.armorblox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.armorblox.com
access-control-max-age: 1800
date: Tue, 06 Sep 2022 22:22:09 GMT
server: nginx
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: SO3LyHSqmzf_IzLV8h5ovU-e0s1Px0pZEYubO3UfbyMgeVvnBlFajQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/executive-impersonation/ 42 KB
12 KB 8ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

999d9ca331f16ca884f732f9c6d9727a63bc4bb17346af46707f80c852652de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB165235TT086NN5TTXP3
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "e5f694dcdeb844dbeca44128b1edad0f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11930
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
64 B 58ms
54ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1662502929393&cv=9&fst=1662501600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=819542681&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
64 B 58ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1662502929393&cv=9&fst=1662501600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=819542681&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c16db54a/www-widgetapi.vflset/ 161 KB
52 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c16db54a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 19:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53414
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Sep 2023 19:34:41 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 38 KB
11 KB 9ms
8ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

69cfe560c661ae2490a09bf649281719192c44e84d50b981636eb02dfb6bb3f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB16GAMX21SNYS7VB0DE2
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "7dcbc75b09100c0712b269f30b27a91c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10767
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/business-email-compromise/ 41 KB
11 KB 8ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c23519201b5019c6af7edebbecea4347a99cbb0d682449ac24aba9cd2f3cab11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB16H24TCAD5KZSDG1K99
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "74181ad0b35bdddf641b3182664ac8ef-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11596
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/email-account-compromise/ 40 KB
11 KB 10ms
7ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0ee5091c35376aa345da655824705ec9d889d371c6233f12730faf5606681dfc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB16T60A8NXFDA7YCQEHA
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "29f80f8046afcb580dd5bc6326017691-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11366
x-xss-protection: 1; mode=block

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
508 B 468ms
100ms XHR
application/json 18.213.137.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.137.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-137-21.compute-1.amazonaws.com
Software: Aorta/20220823.10fb48f9 /
Resource Hash: 104b3b7789907824616f621adfa53b3bff76345ba4eca8710597afa864ee97aa

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
content-encoding: gzip
server: Aorta/20220823.10fb48f9
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 577038a3de72
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
328 B 471ms
103ms XHR
text/plain 44.205.92.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.92.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-92-219.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2

200

51557
stags.bluekai.com/site/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:4ffc4455c6ad2e9a32e193476f53978a&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1662502930150&ip=185.213.155.168&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D217003104266004477537
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=217003104266004477537
https://stags.bluekai.com/site/51557?id=c:4ffc4455c6ad2e9a32e193476f53978a&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

62 B
227 B

185ms
149ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/51557?id=c:4ffc4455c6ad2e9a32e193476f53978a&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 06 Sep 2022 22:22:10 GMT
server: Aorta/20220823.10fb48f9
location: https://stags.bluekai.com/site/51557?id=c:4ffc4455c6ad2e9a32e193476f53978a&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 6027391adab7
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

116ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 06 Sep 2022 22:22:10 GMT
server: Aorta/20220823.10fb48f9
location: https://id.rlcdn.com/711861.gif
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 557a387dcbbd
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/healthcare-email-security/ 39 KB
11 KB 8ms
8ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d6e1f1518d6e544f11c88d50c1afa409cc1975741ef6e62aba3404b02e8ea36e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB17RHJXBCSZK94DCHNZ0
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a1cb1e0fe45b108612569d954fb48b19-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10792
x-xss-protection: 1; mode=block

GET
H2 200 getForm Show response
app-sj27.marketo.com/index.php/form/ 3 KB
1 KB 72ms
72ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj27.marketo.com/index.php/form/getForm?munchkinId=176-XMJ-030&form=1082&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&callback=jQuery112409100310708694341_1662502929668&_=1662502929669
Requested by: Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba79f3ade6bfeaad4dce07a5fd9a936f4f9910d20504262856e4ff3fab9e9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a9a0e8cca5c38-FRA
cached: true
content-type: application/javascript; charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
394 B 249ms
248ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=epsilon-cloudfront&q=%7B%22name%22%3A%22https%3A%2F%2Fepsilon-cloudfront.6sense.com%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A1502.8000011444092%2C%22duration%22%3A83.89999961853027%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22nextHopProtocol%22%3A%22%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1502.8000011444092%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22connectEnd%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22responseEnd%22%3A1586.7000007629395%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22serverTiming%22%3A%5B%5D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon-cloudfront.6sense.com%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=&d=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/financial-services-email-security/ 39 KB
11 KB 10ms
10ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

57b4f7d353f02bf2f061070ff0bc22669826f5befe1f18588e2b378a52c2bc53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB197TD20K5FEPYDCFMBW
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "5a04213456ebd4004399694ac16f141b-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10807
x-xss-protection: 1; mode=block

GET
H2 200 forms2.css
app-sj27.marketo.com/js/forms2/css/ 13 KB
3 KB 30ms
29ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4686
vary: Accept-Encoding
content-length: 2623
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
etag: "1000343-3437-5e66047a81540"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 746a9a0f0d865c38-FRA
expires: Wed, 07 Sep 2022 02:22:09 GMT

GET
H2 200 forms2-theme-simple.css
app-sj27.marketo.com/js/forms2/css/ 826 B
378 B 29ms
28ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 801
vary: Accept-Encoding
content-length: 242
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
etag: "1000341-33a-5e66047a81540"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 746a9a0f0d875c38-FRA
expires: Wed, 07 Sep 2022 02:22:09 GMT

GET
H2 200 XDFrame Show response
app-sj27.marketo.com/index.php/form/ Frame E3F0 2 KB
893 B 182ms
182ms Document
text/html 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 746a9a107f395c38-FRA
content-encoding: gzip
content-length: 652
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 22:22:10 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 110ms
14ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212326003800453&ev=PageView&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&rl=https%3A%2F%2Fem.armorblox.com%2F&if=false&ts=1662502929903&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662502929902.1068352600&it=1662502929443&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 06 Sep 2022 22:22:10 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/microsoft/ 40 KB
10 KB 10ms
8ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4ba81582f70da9691ebe6c16cc8cfcbb261d6288349e6529afc1acf93cf8b5a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB1JF2Z92E475169BT6PV
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "a572850c1984766f797ccba0b13ea8ad-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9758
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 38 KB
9 KB 14ms
13ms XHR
application/json 2a05:d014:275:cb02:66df:50b:6e56:a6bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02:66df:50b:6e56:a6bf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

419d5ecfd20d6ad6858522bc4272eba8ec12100c41c7fb4c16af21a2b12b9770

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nf-request-id: 01GCAEB1JFGA1BGDRGP4X86PDG
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "b37273e67e26037224c33cd386468613-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Sep 2022 22:22:09 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9452
x-xss-protection: 1; mode=block

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ Frame E3F0 208 KB
69 KB 26ms
26ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj27.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:49 GMT
server: cloudflare
age: 6667
etag: "1000584-33e56-5e7317402cd22"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 746a9a11a8815c38-FRA
expires: Wed, 07 Sep 2022 02:22:10 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 536B 0
18 B 19ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.armorblox.com
Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.armorblox.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 22:22:10 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 205ms
205ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A09%20GMT%22%2C%22timeSpent%22%3A%221006%22%2C%22totalTimeSpent%22%3A%221006%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=4e208f41-9b97-4dac-8605-3a99209eaf97&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 45A2 2 KB
1 KB 299ms
299ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1662503100000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

031d80ef7e88e01ae16a5e2e59ce168bc31fec81be6aa8ac388d7213d37c3da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 22:22:10 GMT
etag: W/"fee11af2184d7af2cbe07132a525513a"
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: hT467STqs5uSDH__FLPF7hiKCPMkbGiigyTsCKb1xAWS1ZrOXv2f2g==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 6733 2 KB
1 KB 117ms
117ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1662503100000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

031d80ef7e88e01ae16a5e2e59ce168bc31fec81be6aa8ac388d7213d37c3da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 22:22:10 GMT
etag: W/"fee11af2184d7af2cbe07132a525513a"
last-modified: Wed, 31 Aug 2022 18:23:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: 7P3AvRAz6UedvmrWxPcfgp2ulciyvLsnX14hJouIDheBKQeVy7l8Xw==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Y5Qc9YCv9HnUtWRsyFhahbsVqQ0FTNR4
x-cache: RefreshHit from cloudfront

POST
H2 204 ha-analytics.php
analytics.humanautomation.ai/ 0
140 B 410ms
410ms Ping
text/plain 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.php?action_name=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&idsite=317&rec=1&r=848867&h=22&m=22&s=10&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&urlref=https%3A%2F%2Fem.armorblox.com%2F&_id=ab78b39b8741d451&_idn=0&_refts=1662502931&_ref=https%3A%2F%2Fem.armorblox.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=nzvOCD&pf_net=159&pf_srv=347&pf_tfr=9&pf_dm1=181&pf_dm2=1876
Requested by: Host: analytics.humanautomation.ai
URL: https://analytics.humanautomation.ai/ha-analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.armorblox.com
date: Tue, 06 Sep 2022 22:22:11 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
x-powered-by: PHP/7.4.30

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=426283102&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=6sense%20enrich&el=6sense&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=1536746525.1662502929&tid=UA-103936869-1&_gid=1842630909.1662502929&gtm=2wg8v05DM95KB&cd10=%5Bobject%20Object%5D&cd12=Sweden&cd18=&cd19=&cd20=&z=278486460

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3380
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.bef95df7.js Show response
js.driftt.com/core/assets/js/ Frame 6733 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

32626949417e1e5f0a910740e6d8dce52bc42f2808aa774007c13d70947b0b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:26 GMT
content-encoding: gzip
age: 532724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:12 GMT
server: nginx
etag: W/"e086f8acd2530042828444b37a1d77f9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5Bb2GA_q6cpdGdsbvIylHuOc7jJBWoOg
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cfrkLmko0-9P-c0KCracTtgek_wdih8zJzuryZbaFg9TjOwWtBjdWw==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 35 KB
13 KB 9ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 7698141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o_X8R1P1fvK427UyC0vULkwr0ej1uNDqfueC6t4eUxjHCaXaA9-A0g==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 7 KB
3 KB 10ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:04 GMT
content-encoding: gzip
age: 5612826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:58 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hiapbHKSV4DShQCB29I8q9ZEQ_orBvh8
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TYSsKnaVwiCcLeNngFGR5oJAmIhYW9Y9NJrT831YHdGrp15YNvf5Dg==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 47 KB
14 KB 11ms
8ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:17:00 GMT
content-encoding: gzip
age: 5601910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jctMzIJIR8pxylIIOPc..ieVIdEvFzh3
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aGTRG7l-0-s10yRQZGnSX7d_Syq-WeChyaVIFiOviqPM7pSSbehSgA==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 44 KB
13 KB 14ms
10ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 5612825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GKb8l7AGSbuJ9NYDSRUEztfNOFYVho5sidChUbbLeRVEpp1ok0xD_w==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 25 KB
8 KB 14ms
10ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:13:08 GMT
content-encoding: gzip
age: 4122542
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fM6PzNctTR9D07Uwyo2JjI1buXEk88Znbfjch0F-ATc1-a1Iksm8VQ==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 16 KB
5 KB 15ms
11ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:05:58 GMT
content-encoding: gzip
age: 5433372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pxNOQ93Ry3SgjvjCpTdQZ2Sx3uMbDhCG
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qb9k6JhRNjw8xzaZlZc16R5l53xRHuy6hKG8SZeb4ghkB8cin2cHBA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 74 KB
23 KB 15ms
11ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 7698141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z5s1SfqDN1sPp2h3MV4Cq4exaGngCo_6NmcskSZrohUhqDh180Dy4g==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 59 KB
19 KB 16ms
12ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 5612825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WcCqQoAG3H9hj_QsryoONfIqJXy6i_Vu
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gq5w0q_p2uJ0MbJwsAgmyMWaizOLAiHSgLrShNsbeNDrpDBNzCyHqA==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 91 KB
28 KB 16ms
13ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:28:27 GMT
content-encoding: gzip
age: 2944423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 20:13:17 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p9hPb_BoaQT.rfo1ve74yYgdVe7_JTph
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sV_ompEdQLddMaawldCGNlIH84sXPoS1Q3v7tB2y-RMTxUJVTvWMjw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 23 KB
7 KB 17ms
14ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:06 GMT
content-encoding: gzip
age: 5612824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:55 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7WrloWWSc22pVf.7ICrUs7406unnhgom
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RxJgV2Ssa_z9GvXQu1rLM0fangETBc4H6FJ15yFSlwg_S5FqUqnRXQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 62 KB
20 KB 18ms
15ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 03:22:54 GMT
content-encoding: gzip
age: 4129156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2hmjKT5OW_EN5DU-UzHZBeU6MM0yhrXnIqkyAqVBzk0LT883bzZ9qw==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 105 KB
34 KB 18ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 06:43:42 GMT
content-encoding: gzip
age: 7400308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aEgB7rZxvs_rhrc47mnGdmzprDAsXGNL
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vkp60Pp2WNHxcS8DzT8cX_uJPxKOm_ToeAxakc7pz80d5NyQpUSHyw==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 12 KB
4 KB 20ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 00:36:46 GMT
content-encoding: gzip
age: 2843124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 20:35:47 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: uo_6OKHcHDCBfHJOyNP63YTxUQ5cnt_W
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uUaRQZHuOSWQddLVhupK8Rxo7bscSf3PjeXfOqZ9BFuIAb4OG15aVQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 12 KB
5 KB 20ms
18ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:05:31 GMT
content-encoding: gzip
age: 4889799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Jul 2022 14:16:17 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AvxSunSgeBTQzaCE.4f6vvhlOyihsj6Q
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SesT3p6mWceaiYBfHnr_87CgIyUH89v40WEtUfp_FdZAIwtNJMua6g==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 17 KB
7 KB 20ms
18ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 00:55:28 GMT
content-encoding: gzip
age: 4051602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f.0PmvFwFO6wHvpJ0r6JG1gTthOACCRK
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d4hF0NL_XUASt15ZyKZRpQBInBwhEhJ5PW5wc0k04_bO_Jo1vQ_sfQ==

GET
H2 200 9.f50eb0b3.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 13 KB
3 KB 11ms
8ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.f50eb0b3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d65de87105aa9fe774e1fb4322529cd2ad2718e7387afb70e51b870cbf23b571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: W/"e6efd75f849f72222df348ff402e8026"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cfUNfNdGGDHKWON2NXR5AFmNvq8uIDRB
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dAaUswtgAsM56e9xPQCVn8owMykc4IilXTn-NE7DGIC5uYs5q_J56w==

GET
H2 200 9.535a3a94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 70 KB
22 KB 21ms
19ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.535a3a94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

59a73ec19a6bedd8415c972674adc1f24a9b785ebbe28b6b49b571c02ba227f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:17 GMT
server: nginx
etag: W/"073dafbb4b9bd1b881e6475386b712ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oCovUdRwAlg.GGR_hVxwJrKIYj.O.YqJ
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I8PExwap7kOWhZS68NHLlnvcVGLQWa0lQxEWJzTUadcqKwmrBXECDw==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 24 B
666 B 11ms
9ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 7698141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nUV8o6Ysz4C5WtEzB16iX5cvrO9YBAUypUpUwhvPssj-708KEvfrDg==

GET
H2 200 17.6ccd0f69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 77 KB
20 KB 21ms
20ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6ccd0f69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ab6f19b1c8929b99d3725f9d7688325dfaa743613fd72cd4dc67ef0ceb50d34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"a581fbb27874f93f15c3fe3784f2391a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A6__olwCDz1FD.1X9WiQXDg59ZPZqaUK
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CnCBCK7X7Iw25-nILoFROsQGIw0czTFBcvMPu-AKvrCBruRJaGymSA==

GET
H2 200 24.6872e542.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 48 KB
13 KB 22ms
21ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.6872e542.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f78f03c76e2d4bc33181242fa874eb1864fd893a0220c67c3c921173ccebaa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"d5fca8bbc4fcf7b492843bcb9a12189b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: myoo_FG2jXaPzinerG5A.TSm8zp.AVWF
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wa5poJMPs7p00KzQ-RJVlD8rYHWU5BP4nwqKHmOnzrPmFDWJxu_iUg==

GET
H2 200 15.470f07ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 40 KB
13 KB 24ms
23ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.470f07ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b18d121835cf2154f365b4d22c28ee2158878fa79c3f550b603994b75947cd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:26 GMT
content-encoding: gzip
age: 532724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
server: nginx
etag: W/"7928b8a053044dac0930a819c7f6cac0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FkcIx6pwGge5IA4Bglyp6FQ8lfWD.1Bl
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zi_dlEGg5ywt7GLtuueKvuy1ao-XQ6uGe1BvelCbxDyX3MWSGsdwdQ==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 3 KB
1 KB 8ms
8ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 23:19:59 GMT
content-encoding: gzip
age: 5698931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:54 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _3ypchvV2Y1htZw1RZMu3A33yhTTURn1
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z450CifkIgJE9QMoYRdThunEJzht69HdQ_Sd2ArG_CLLDGOnCDZXpQ==

GET
H2 200 34.3cbd9261.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 3 KB
2 KB 9ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.3cbd9261.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7186667a162c9e21b7932996c559c2a4451b1460ce4330f81abcd487c094f906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:23 GMT
content-encoding: gzip
age: 982907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"748f87dc8e48bdf52edce2868c5c428c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9WcUo8FUpPIrUIsoQRc2Y_xjFIjq3R62
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O4JWKOcawjCkDSTq0uhZWu3qG9MZ-xESJBZq7kWFY7NrLGTkH7PUzg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 9 KB
3 KB 9ms
7ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 23:25:32 GMT
content-encoding: gzip
age: 6562598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _77LgQkT42e7rpLOm3WQjw9CnRboIIKnmFUt_tQsXt7IrCgf86wUJQ==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 7 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:07 GMT
content-encoding: gzip
age: 5612823
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:54 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tCdSVILzeupU.nQrAVkA0bwYUW3c2XL3
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _cKweREhFFwPPOu34bYGsQUaSYMwd5kklnebIDnyvdCfF1iOr8H2hw==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 54 KB
16 KB 11ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 19:21:46 GMT
content-encoding: gzip
age: 4676424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Jul 2022 19:05:10 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 999X6Dy8tQUXzeDhHGPsLNw5NdqaiqrR
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uxN0-saY9Cb0ORzZu3rKLtOF2qPlbxEBXmU_bAuurr8giZGDt0c8xQ==

GET
H2 200 1.9ac936f5.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 43 KB
7 KB 10ms
8ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.9ac936f5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05fd3f7ca9e58167b3322b6b18b6558c169422c0b04710d9d05c12181d51fca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:23 GMT
content-encoding: gzip
age: 982907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:12 GMT
server: nginx
etag: W/"aceba6596ea46648313cf55bd1ddcfc5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g2F7HrSZWtngTjVVBgLaUYEhzo51aYKk
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S9Jeo_Kg2Zf1HyvKgxBT27dgUvqP3P6rjAFnBwJc69D29FtXykzbxQ==

GET
H2 200 1.2539d882.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 73 KB
25 KB 11ms
10ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.2539d882.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8683eb483faa2ba096b88b51024bee89996afc3d535851c25c0f3048c6ce1fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:23 GMT
content-encoding: gzip
age: 982907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:14 GMT
server: nginx
etag: W/"b2b42f2c656523eb815001ce11edca28"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fIE_oAo1FKBhU1h.XRllzJ0k6ca8W79P
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bQwQ4Vz2ZTPK2Nwpg1LQ9Byvq72S2pCJ0XSa1AZY1uJUW1fERAlyCw==

GET
H2 200 31.1f8907d7.chunk.css
js.driftt.com/core/assets/css/ Frame 6733 13 KB
3 KB 10ms
10ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/31.1f8907d7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d448922e5f8ed3b2a45beeecd2c8667699df8627efa96d61777212459cb75c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:23 GMT
content-encoding: gzip
age: 982907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: W/"cea19cf62d3d6bd9d3f16433e69c8464"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y_GckAHSFRel3MT0hH2mIHQBZxv6gp4Z
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gwGOpFLjSckp-_W7ewp1t8g7EvE0T1C4yl6c4PPLalrKuQUYLnQFQw==

GET
H2 200 31.a2b3c0b5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6733 12 KB
5 KB 12ms
11ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.a2b3c0b5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8534026f857e6cae6d883e0b91a3c4153990d691cc0298b47fee02adc5e58779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1662502928614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:23 GMT
content-encoding: gzip
age: 982907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"7d8bb443a5de3257f895de8bf92ff127"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E6NeJTbwpOMQ0eNbyU6FVfN0HWCLyHlQ
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A5y3uKs_1K66CZjMUYxvufXcjZS6L4UEFA71XAmLDv42-AAVlSfbCA==

GET
H2 200 runtime~main.bef95df7.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

32626949417e1e5f0a910740e6d8dce52bc42f2808aa774007c13d70947b0b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:26 GMT
content-encoding: gzip
age: 532724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:12 GMT
server: nginx
etag: W/"e086f8acd2530042828444b37a1d77f9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5Bb2GA_q6cpdGdsbvIylHuOc7jJBWoOg
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J2bg7QeDw9AN309F3kfoGzj9X0yIn-Si0XRMkegahZLlW5w73MJuWA==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 35 KB
13 KB 10ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 7698141
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tLCcctr1GXmeIqE_zTO-hCknDCcR7-nQAA6BfRAGISQiR65GReTy8w==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 7 KB
3 KB 10ms
10ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:04 GMT
content-encoding: gzip
age: 5612826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:58 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hiapbHKSV4DShQCB29I8q9ZEQ_orBvh8
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lyp6_nlo0CDZS_e2fPWX9b4F0AjQ02GGHiC9NeirnHgcuNdVFyDREw==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 47 KB
14 KB 9ms
7ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:17:00 GMT
content-encoding: gzip
age: 5601911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jctMzIJIR8pxylIIOPc..ieVIdEvFzh3
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: weIaYUDnueKcA4dVKgHB-E9Mtfie10SYUZPdXgejY2z51CIJaUu9eg==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 44 KB
13 KB 10ms
8ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 5612826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: duEDBS7kyI1qqWiJqTpyGoJ2-L58jvcOYz5fpg6PTXuF4g2BxKXRgQ==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 25 KB
8 KB 11ms
9ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:13:08 GMT
content-encoding: gzip
age: 4122543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sFunm19oAFTsfHPox_z3jNw1vlbEWxaQms34s6WRE3f7IFlIBGiU1Q==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 16 KB
5 KB 12ms
10ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:05:58 GMT
content-encoding: gzip
age: 5433373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pxNOQ93Ry3SgjvjCpTdQZ2Sx3uMbDhCG
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FCS5_HmpMy__O_TNZFDOFVCFh5jkoS6cQmDUGDKB86uGT5IhAzd35A==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 74 KB
23 KB 12ms
11ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 7698142
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3Rhh1mXvyV3VbIVzzuoaAwUOsA4w3sHfKo0vQYPZJeTUFF5tbEJRTw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 59 KB
19 KB 14ms
12ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 5612826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WcCqQoAG3H9hj_QsryoONfIqJXy6i_Vu
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -nij46RMkCmYe3T6KuwNbwvNzDeDROButqJB99uCt76-OaxtVw4YYA==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 91 KB
28 KB 16ms
13ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:28:27 GMT
content-encoding: gzip
age: 2944424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 20:13:17 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p9hPb_BoaQT.rfo1ve74yYgdVe7_JTph
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Yith15GXkF8RT6XsvhzzuFYkZljT1qot2fRi57xOtuXOFnLbzEYY2A==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 23 KB
7 KB 17ms
15ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:06 GMT
content-encoding: gzip
age: 5612825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:55 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7WrloWWSc22pVf.7ICrUs7406unnhgom
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nWoHRoUJNtai2BNofGjvwvspTCCQlE7JGxQTA38xVSeEN8B8VijumQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 62 KB
20 KB 18ms
15ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 03:22:54 GMT
content-encoding: gzip
age: 4129157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _wf6_m1G5Y5Tl5pXFW9KNBQuAnS1-I6idNDc3wbQ5QazQPzE0qHVjQ==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 105 KB
34 KB 19ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 06:43:42 GMT
content-encoding: gzip
age: 7400309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 19:03:31 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aEgB7rZxvs_rhrc47mnGdmzprDAsXGNL
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _413CHN3lsJwsTCviQo7Gqx846h8cV_brueKEsnkOgshEtcADFXVjw==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 12 KB
4 KB 20ms
18ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 00:36:46 GMT
content-encoding: gzip
age: 2843125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 20:35:47 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: uo_6OKHcHDCBfHJOyNP63YTxUQ5cnt_W
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9TxNz9EjXNAYj-cYAc6UhzizkA06MXQe-xgkB6TRCARLKSwAxuSgzQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 12 KB
5 KB 21ms
19ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:05:31 GMT
content-encoding: gzip
age: 4889800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Jul 2022 14:16:17 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AvxSunSgeBTQzaCE.4f6vvhlOyihsj6Q
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NobP-aW0I5eATzvXWz7s6ArafPYJyao0oebBwIvcz-RBiwE99fIRDQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 17 KB
7 KB 21ms
20ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 00:55:28 GMT
content-encoding: gzip
age: 4051603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f.0PmvFwFO6wHvpJ0r6JG1gTthOACCRK
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ykPQ5iD8hL-leqfe2whkg1rIZ4Qx3tZ3G4ZA-HLKT7G9MsLcTkncLA==

GET
H2 200 9.f50eb0b3.chunk.css
js.driftt.com/core/assets/css/ Frame 45A2 13 KB
3 KB 22ms
20ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.f50eb0b3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d65de87105aa9fe774e1fb4322529cd2ad2718e7387afb70e51b870cbf23b571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: W/"e6efd75f849f72222df348ff402e8026"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cfUNfNdGGDHKWON2NXR5AFmNvq8uIDRB
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d_3WveVFYGpCROZ5_O7x2HjybUDt993aGDyY9s9Ds71LD12wwOqydA==

GET
H2 200 9.535a3a94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 70 KB
22 KB 23ms
22ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.535a3a94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

59a73ec19a6bedd8415c972674adc1f24a9b785ebbe28b6b49b571c02ba227f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:17 GMT
server: nginx
etag: W/"073dafbb4b9bd1b881e6475386b712ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oCovUdRwAlg.GGR_hVxwJrKIYj.O.YqJ
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: juXkkHccLzcX4LmfgVAcVGPbiva6wAjI5t2Ww5fO1uBRjapu0zFZWg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 45A2 24 B
667 B 22ms
21ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 7698142
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C1Rygc-ybzTGoYn4CFOUXTpkbUJOPXUFY0Kj2T2QmqJnYSEEHM28xg==

GET
H2 200 17.6ccd0f69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 77 KB
20 KB 24ms
23ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6ccd0f69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ab6f19b1c8929b99d3725f9d7688325dfaa743613fd72cd4dc67ef0ceb50d34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"a581fbb27874f93f15c3fe3784f2391a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A6__olwCDz1FD.1X9WiQXDg59ZPZqaUK
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YZjnuIR5jlGBSlJrYFT2GwH3DXBHdiVRPYfxZp3_f7ftn_XqOP3xwQ==

GET
H2 200 24.6872e542.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 48 KB
13 KB 25ms
24ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.6872e542.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f78f03c76e2d4bc33181242fa874eb1864fd893a0220c67c3c921173ccebaa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"d5fca8bbc4fcf7b492843bcb9a12189b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: myoo_FG2jXaPzinerG5A.TSm8zp.AVWF
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tc7aPu3xZgPO-2Z5BlyNe-hJAaqyUSqwKJZqI_FRWK-GIQHQYjEd7w==

GET
H2 200 15.470f07ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 40 KB
13 KB 25ms
25ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.470f07ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b18d121835cf2154f365b4d22c28ee2158878fa79c3f550b603994b75947cd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:26 GMT
content-encoding: gzip
age: 532725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
server: nginx
etag: W/"7928b8a053044dac0930a819c7f6cac0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FkcIx6pwGge5IA4Bglyp6FQ8lfWD.1Bl
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mmh3z_4lGdYlG7z_YIor07FxCSUxpU5L72pj_D-KrQ0c4Yee5q7Ypw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 9 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 23:25:32 GMT
content-encoding: gzip
age: 6562599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oMj0_icz-3DmdKTNvOM9ei5ZKWm6TBONNkcEmdIW5Ra7CdSZamD7Vw==

GET
H2 200 26.2d4cdbd1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 34 KB
10 KB 13ms
11ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:27 GMT
content-encoding: gzip
age: 532724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
server: nginx
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: siv4sYmLp3BEOV5kWKjSS9V7tHMZAkGl
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v5jRBE223WWgRYuMUWnbHXNCmW29y3kV8qv4ZbWWITfohL2r4I48fQ==

GET
H2 200 27.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 45A2 8 KB
2 KB 11ms
10ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 18:08:02 GMT
content-encoding: gzip
age: 2175249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:25:54 GMT
server: nginx
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwtYu1UfCDk9O65HArj6B6mV7fLBXaFN
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YQDCMApmfCJaA9iawQuKZ1Q2hVrJo3FVk98NqT_Z-eVP0DxdEOEQHQ==

GET
H2 200 27.59c53bf0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 13 KB
5 KB 14ms
13ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.59c53bf0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8bafd70b875a4328d6ac081d194f9662da21024454676cf166858d14116df322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:27 GMT
content-encoding: gzip
age: 532724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
server: nginx
etag: W/"8a9a57d9c18d146019a9a91f3fa26db1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GqYhAS8BbCVDI5aFKkQ5l2M8CdcQR368
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6EKM22CkDQT7a4BKUpMSrcD2dZort5Sa644RTYq9p9HPwL5c5BsrnQ==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 45A2 365 B
1009 B 11ms
11ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:07 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 5612824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 01 Jul 2022 20:20:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _GKDVm7cwHRbprAEZ8WoHMzXEQGGTOt2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GoTRollLK6nh1OFxZlJe1VvU2T0W-fnzskLfTue6KpBxJrcdFbFYqw==

GET
H2 200 19.c6476f9e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 45A2 88 KB
25 KB 14ms
14ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c6476f9e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bef95df7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

14a3921ddf5cdc373e9bbd88590bd4ed17cf65a4d5fb14169486227f6bd3e41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=433ed9e5-83fd-457d-a9e3-d7272d5797b2&sessionStarted=1662502930.665&campaignRefreshToken=ff786f92-6704-4d27-bc31-0c8c9dfe094c&hideController=false&pageLoadStartTime=1662502928614&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:20:22 GMT
content-encoding: gzip
age: 982909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"577a5b4c4d4e15fe510f6e9d62882f27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iwfAR0XWOD35qtGdWcZt_c4r2xii5fG_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FgKcRyCYpi4hX29xcYgRKoCnzhF6TQ62Wk0DzWXJDdNwZOD_XV2aiw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 45A2 25 B
122 B 185ms
184ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Sep 2022 22:22:11 GMT
server: istio-envoy
requestid: 52876cf7947f586
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 80
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 335ms
108ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 06 Sep 2022 22:22:11 GMT
requestid: drift32dd47148ccbaf986ef8659ac9d
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 45A2 147 B
245 B 105ms
105ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Sep 2022 22:22:11 GMT
server: istio-envoy
requestid: 34457d92ca13b02e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 330ms
105ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 06 Sep 2022 22:22:11 GMT
requestid: drift60b04564e7fbc76285a607561c3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 187ms
186ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A10%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222008%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=4e208f41-9b97-4dac-8605-3a99209eaf97&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 209ms
209ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A11%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223009%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=4e208f41-9b97-4dac-8605-3a99209eaf97&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 183ms
182ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&session=1f60ca3a-07d3-49cd-8959-24da6ee75cbb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2006%20Sep%202022%2022%3A22%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224010%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGBYv_0F18AcCBJvF9ck6yh3fWP57laxm7hDvn_sun2KGYZHrDdKt9-dBWYz840rmZciEZrinet2KKAp3doi-eaL1nsNMWa3nQHxInfrOsHkLksmTT8mBg&pageViewId=4e208f41-9b97-4dac-8605-3a99209eaf97&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 22:22:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 45A2 25 B
88 B 116ms
116ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Sep 2022 22:22:13 GMT
server: istio-envoy
requestid: b140924665b3ee39
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 105ms
104ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 06 Sep 2022 22:22:13 GMT
requestid: drift098264c4bca9d57c29766aa9d7c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.em.armorblox.com/	1970-01-20 05:48:24	Name: __cf_bm Value: Vl3LAhdFVJREM_cb_VKd2_S0KTkaxM4nnk7rjhdoH4g-1662502928-0-ARV09CHn3QvSrzYpmUwuU8GK96rpSFaG3ji9OJV601Uyn0poap8VXBnE/Pfm7d6EH+pFHqXa1u4zsTWCkiroLiY=
.armorblox.com/	1970-01-20 07:57:58	Name: _gcl_au Value: 1.1.177903264.1662502929
.armorblox.com/	1970-01-20 15:24:22	Name: _mkto_trk Value: id:176-XMJ-030&token:_mch-armorblox.com-1662502928937-88305
.armorblox.com/	1970-01-20 14:33:58	Name: _biz_uid Value: ddc7c1df9b80478bf9f19f68f457a7ae
.armorblox.com/	1970-01-20 05:48:24	Name: _biz_sid Value: 5b7a98
.armorblox.com/	1970-01-20 14:33:58	Name: _biz_nA Value: 2
.bizible.com/	1970-01-20 14:33:58	Name: _BUID Value: ddc7c1df9b80478bf9f19f68f457a7ae
.bizibly.com/	1970-01-20 14:33:58	Name: _BUID Value: 2f7b9c835b3b65726ad7812423078858
.bidr.io/	1970-01-20 15:16:56	Name: bito Value: AAMR1k7GL5AAAA_53ipYvA
.bidr.io/	1970-01-20 15:16:56	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 06:31:34	Name: UserMatchHistory Value: AQKcrTNYWpHdAQAAAYMU5YKHsLNUd_eGR6Kn3STtiRW9tgOMQ0IZl6MvwnmhJnwEc8ZEm3kPbnW2xA
.linkedin.com/	1970-01-20 06:31:34	Name: AnalyticsSyncHistory Value: AQI57RAa4Rj7SAAAAYMU5YKHOMYrQvykvDRmeths17P3F5Et6krn1tMf7F3Nsum0w_g4J75iE2bAFBocLgD3WQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:33:58	Name: bcookie Value: "v=2&9d844f62-705d-4f87-83e8-b7d2969667b2"
.linkedin.com/	1970-01-20 05:49:49	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2377:u=1:x=1:i=1662502929:t=1662589329:v=2:sig=AQFUZusY7bGJSTIcUD4SatX-zPxjwShq"
.armorblox.com/	1970-01-20 15:24:22	Name: _ga Value: GA1.2.1536746525.1662502929
.armorblox.com/	1970-01-20 05:49:49	Name: _gid Value: GA1.2.1842630909.1662502929
.armorblox.com/	1970-01-20 05:48:22	Name: _dc_gtm_UA-103936869-1 Value: 1
.armorblox.com/	1970-01-20 14:33:58	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.armorblox.com/	1970-01-20 14:33:58	Name: _biz_pendingA Value: %5B%5D
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:33:58	Name: bscookie Value: "v=1&2022090622220951b34c39-d528-45a6-8fb8-7da6e473f103AQFKEro-Ir81s4KWyhYCJCWXOlf4xIW3"
.linkedin.com/	1970-01-20 10:07:34	Name: li_gc Value: MTswOzE2NjI1MDI5Mjk7MjswMjEZRanh54tnv431JB9eab+Zc/WnHbyR4p7UP38BLwDgDQ==
www.armorblox.com/	1970-01-20 05:58:27	Name: _an_uid Value: 0
www.armorblox.com/	1970-01-20 15:24:22	Name: _gd_visitor Value: be0f1244-217b-4e5f-8dc3-347fa17c8b6e
www.armorblox.com/	1970-01-20 05:48:37	Name: _gd_session Value: 1f60ca3a-07d3-49cd-8959-24da6ee75cbb
.ws.zoominfo.com/	1970-01-20 14:33:58	Name: visitorId Value: addc2be6cf2a1eeb052052813c1c8d759200e85749dcd80cbe2a9f24bab03994
.zoominfo.com/	1970-01-20 05:48:24	Name: __cf_bm Value: ibp4IiqJO9JCVgkJFjjkvbwhDKeSnoz8KRyslwzFkQY-1662502929-0-Ae3gyPLrURfFtikNgPlpuUlCjTAeTAYVdhNjPkoNbUX3la6EpuzCCfU4O+sNljmWMtrsTu8ZSRvDFq1iEnI4nhs=
.doubleclick.net/	1970-01-20 15:09:58	Name: IDE Value: AHWqTUk8OQOqeIwBYu9c0sy2c49Ac36NQBZcqGhrBxOxlYjMVZr8hVA1Lz8_lJeg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XiEktnDpeTk
.youtube.com/	1970-01-20 10:07:34	Name: VISITOR_INFO1_LIVE Value: uZFLvILxmjg
.app-sj27.marketo.com/	1970-01-20 05:48:24	Name: __cf_bm Value: .ob.Uuu6gKhE5_ArXZnWYoc49eaG_2yBZLKc.eRA6xM-1662502929-0-AUSlGZ0LbkIz6Ac9gCQQw3sJE4RnbtmpOZ7w1LZLwtda1QO0C0H4NbwNjTTlEEJaPLZsSN1iScDdY54ttrcqJuI=
.6sc.co/	1970-01-20 15:24:22	Name: 6suuid Value: cbd5ce17a73e000011c8176339030000cd6b5c00
.armorblox.com/	1970-01-20 07:57:58	Name: _fbp Value: fb.1.1662502929902.1068352600
.agkn.com/	1970-01-20 14:33:58	Name: ab Value: 0001%3AXy9ktf%2BnJtRC36LTfwEkvmkfZgEAz0%2B7
.agkn.com/	1970-01-20 14:33:58	Name: u Value: C\|0AAAAAAAAKqqEkgAAAAAA
www.armorblox.com/	1970-01-20 05:48:24	Name: drift_campaign_refresh Value: ff786f92-6704-4d27-bc31-0c8c9dfe094c
www.armorblox.com/	1970-01-20 15:14:18	Name: _pk_id.317.04e9 Value: ab78b39b8741d451.1662502931.
www.armorblox.com/	1970-01-20 10:11:10	Name: _pk_ref.317.04e9 Value: %5B%22%22%2C%22%22%2C1662502931%2C%22https%3A%2F%2Fem.armorblox.com%2F%22%5D
www.armorblox.com/	1970-01-20 05:48:24	Name: _pk_ses.317.04e9 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGBYv_0F4VxKLYT_lbXNIDOMiNgPFTB7DXp-V3FIu9LeOwsHrVgm48_jpqr1ZkKWlLo50c3hO7dmcxeUas= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-OqCu8VxxjVWv5S5KT0VEk1Hu5ti8hAxZJJNK3KzIhKs=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

176-xmj-030.mktoresp.com
aa.agkn.com
analytics.humanautomation.ai
aorta.clickagy.com
api.storyblok.com
app-sj27.marketo.com
assets.armorblox.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
connect.facebook.net
d.agkn.com
em.armorblox.com
epsilon-cloudfront.6sense.com
googleads.g.doubleclick.net
hemsync.clickagy.com
id.rlcdn.com
insight.adsrvr.org
j.6sc.co
js.driftt.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
secure.adnxs.com
segment.prod.bidr.io
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
tags.clickagy.com
use.typekit.net
ws.zoominfo.com
www.armorblox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
104.16.94.80
104.17.74.206
13.107.42.14
142.250.185.66
143.204.215.12
152.195.15.58
18.195.201.66
18.213.137.21
184.73.246.234
192.28.147.68
205.185.216.10
23.205.237.4
2600:9000:2057:3600:f:71f1:7280:93a1
2606:4700::6810:650c
2606:4700::6812:1ecd
2620:1ec:21::14
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d014:275:cb02:66df:50b:6e56:a6bf
3.94.218.138
35.244.174.68
35.71.131.137
37.252.173.22
44.205.92.219
50.16.7.188
52.210.69.134
52.59.153.178
65.9.66.109
69.192.160.219
96.16.137.162
99.86.4.74
0128ea44bc576958fb5fae7170ba6ff223ade2bc2526a4e650edd99fba94f92c
031d80ef7e88e01ae16a5e2e59ce168bc31fec81be6aa8ac388d7213d37c3da5
03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68
04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56
05fd3f7ca9e58167b3322b6b18b6558c169422c0b04710d9d05c12181d51fca2
08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1
09b1ebea3f3c5a5dbbb80550b44130fede081550ad8551bcc5565c96189951f8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ee5091c35376aa345da655824705ec9d889d371c6233f12730faf5606681dfc
104b3b7789907824616f621adfa53b3bff76345ba4eca8710597afa864ee97aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26
1408a58e72cc108539e01e626e09a19297144341502dedebd8e18303b81d630a
14a3921ddf5cdc373e9bbd88590bd4ed17cf65a4d5fb14169486227f6bd3e41c
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce5dc4d7098d860c1e272401aff9bcf207a0827f049037fe5b0a8f8e712a277
1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423
2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267
2c889357a4fb8053f39e4bb64bceead692b515108466b99160120735d40946a4
2c8f7baebc0c5e938fb7db6f78d117f087fddbcb2953ef9d58fa13b92110bd53
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32626949417e1e5f0a910740e6d8dce52bc42f2808aa774007c13d70947b0b0c
376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56
3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0
3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
419d5ecfd20d6ad6858522bc4272eba8ec12100c41c7fb4c16af21a2b12b9770
41be1e5d726d33f48ddde6e069e3591296761299805c28778670ffdb911be3bc
42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9
44c9f5c2ef482cd0f04a211388a69a200e332f270d5dde8e34dcad6f7c537ac5
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c
4ba81582f70da9691ebe6c16cc8cfcbb261d6288349e6529afc1acf93cf8b5a0
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
507670a9c3b08c1e6a5ee1657bac6d0deb7862accb1ff090c2050b70104192c3
531b92c4a3853318bd939dfcbf763e0d9441e52a54b821f7b6040b4fb4a1c7f0
5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57b4f7d353f02bf2f061070ff0bc22669826f5befe1f18588e2b378a52c2bc53
58fb907b1dae335e344d5701d74c333a4a4792f9c7a83789e02f02089d199168
59a73ec19a6bedd8415c972674adc1f24a9b785ebbe28b6b49b571c02ba227f7
5ae51715f171353bce36ceb68d3a42a1fd3b482f90f1bb8015e96249703a3d0b
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095
61f370d8b0f37f7515730401a7f1043447899225ce45ff4e55f878696511f186
672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd
69cfe560c661ae2490a09bf649281719192c44e84d50b981636eb02dfb6bb3f1
6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0
6b2c465f4a692eb9a1d02b3d5145972f4b47d52984606049331adc0813e48387
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6d0decb208aacc8efe0fe00dc6abc7f7757cbc322c67b3502405372f7c76f454
7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9
7186667a162c9e21b7932996c559c2a4451b1460ce4330f81abcd487c094f906
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
745b1d42a7824f889c4e4b453e2e76802c64753d29747d484b079c76f6868f6d
78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2
792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8534026f857e6cae6d883e0b91a3c4153990d691cc0298b47fee02adc5e58779
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8683eb483faa2ba096b88b51024bee89996afc3d535851c25c0f3048c6ce1fc3
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d
8a856136ed58b366d191b7ce610961d832cfa6425dc907063aa3ead0813be7ab
8bafd70b875a4328d6ac081d194f9662da21024454676cf166858d14116df322
8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
92077f7154fedc3384240177f2926bf3a2d035d45302cd8972f290ff657bca0e
999d9ca331f16ca884f732f9c6d9727a63bc4bb17346af46707f80c852652de7
9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497
9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9f036563446cf05e238dc8eba66197fd0e3acd75f906eb7417760b847a71699c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fe3e3fa4d472012211a457c748c8e0d9428b9515990f3b02e487e0355ae9f5
a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb
a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9
ab5b53f9f458bac6646c9e4066f24da04cbffcf63c247ef370f2674c545598bc
ab6f19b1c8929b99d3725f9d7688325dfaa743613fd72cd4dc67ef0ceb50d34b
ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0e74f11cbda175479b1a9303c7fd4b5e88b73f1e5ee3dd6a9d353e7b00d0402
b18d121835cf2154f365b4d22c28ee2158878fa79c3f550b603994b75947cd1d
b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5
b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
baea9398b8d979a13e8ab5f7f9cf0947138ff7ca6f33b85fe6d4be4d24164243
bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3
c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8
c23519201b5019c6af7edebbecea4347a99cbb0d682449ac24aba9cd2f3cab11
c47885d909730a86362cf3a01eeeedaaf143ab5795d038ffe7c8f5c2481a2eb1
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
cd17c503ff52240716f40375536f8b03e2c8cb29ac5db8dabd6097ffd04821b4
d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f
d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25
d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce
d448922e5f8ed3b2a45beeecd2c8667699df8627efa96d61777212459cb75c61
d65de87105aa9fe774e1fb4322529cd2ad2718e7387afb70e51b870cbf23b571
d6e1f1518d6e544f11c88d50c1afa409cc1975741ef6e62aba3404b02e8ea36e
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
da6baf66efe6b0bb10d5d61ce8ada7cb407b08176adbdbc83fc2c24603a335b1
daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f
dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
dec242252fc47bcb570398d348fb210a95b8d6bb35212b95fe6025bdd4cc0753
e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad
e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7
e6789c3f84cf8ba2b48b19823374f0d9baca681c29b2480eb62565ec0cd34e73
e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92
e9157bb9aec01610d3ad09a20de06d6757eaa9b5de052957cc5738778ff27c8e
eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32
eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633
eba79f3ade6bfeaad4dce07a5fd9a936f4f9910d20504262856e4ff3fab9e9c8
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f78f03c76e2d4bc33181242fa874eb1864fd893a0220c67c3c921173ccebaa5f
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
faf4b0ce76a2c2f770d1bbe0d58ec28708372f389199ae21171904aa123802fa
fb0d3c853b1ace6ba4878f1e6583a6db4f4b2760001381e52aeda1dc18a61fe2
fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91
fea6499767f3478ff2effc74c96178f6a602bda3f86257b2fd49772ab32b77bb
fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2

www.armorblox.com Open in urlscan Pro 2a05:d014:275:cb02:66df:50b:6e56:a6bf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

98 %HTTPS

40 %IPv6

33 Domains

45 Subdomains

38 IPs

5 Countries

7224 kBTransfer

16354 kBSize

40 Cookies

6 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb02:66df:50b:6e56:a6bf Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

98 %
HTTPS

40 %
IPv6

33
Domains

45
Subdomains

38
IPs

5
Countries

7224 kB
Transfer

16354 kB
Size

40
Cookies

219 HTTP transactions
3 data transactions