www.recordedfuture.com Open in urlscan Pro
104.18.13.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2...
Effective URL:
https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmw...
Submission: On June 11 via api (June 11th 2021, 12:50:17 am UTC) from SG

Summary HTTP 282 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 47 IPs in 3 countries across 35 domains to perform 282 HTTP transactions. The main IP is 104.18.13.124, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.recordedfuture.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 23rd 2021. Valid for: a year.

This is the only time www.recordedfuture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
55	104.18.13.124 104.18.13.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:dfcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.59.220.193 185.59.220.193	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211a:fa00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
76	143.204.98.70 143.204.98.70	16509 (AMAZON-02) (AMAZON-02)
18	62.113.194.12 62.113.194.12	47447 (TTM) (TTM)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	50.16.226.23 50.16.226.23	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	52.59.167.155 52.59.167.155	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
13	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
17	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.2.13 13.32.2.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
3	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	52.2.107.241 52.2.107.241	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
282	47

7 2606:2c40::c73c:6702 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 104.18.13.124 (United States)

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:dfcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-193.datapacket.com

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com

kenwheeler.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:fa00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 62.113.194.12 (Schleiz, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.226.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-226-23.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.167.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-167-155.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-13.vie50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

media.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.107.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-107-241.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	driftt.com js.driftt.com	775 KB
62	recordedfuture.com 1 redirects go.recordedfuture.com www.recordedfuture.com	2 MB
34	sumo.com load.sumo.com sumo.com media.sumo.com	641 KB
19	drift.com metrics.api.drift.com customer.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	6 KB
15	6sc.co j.6sc.co c.6sc.co b.6sc.co	19 KB
9	hubspot.com no-cache.hubspot.com cta-service-cms2.hubspot.com track.hubspot.com	183 KB
8	google-analytics.com ssl.google-analytics.com www.google-analytics.com	71 KB
7	googleapis.com fonts.googleapis.com	4 KB
4	gstatic.com fonts.gstatic.com	57 KB
4	google.com www.google.com clients6.google.com	322 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	facebook.com www.facebook.com graph.facebook.com api.facebook.com	1 KB
4	matomo.cloud cdn.matomo.cloud recordedfuture.matomo.cloud	121 KB
3	google.de www.google.de	278 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	849 B
3	googletagmanager.com www.googletagmanager.com	124 KB
2	nr-data.net bam.nr-data.net	464 B
2	t.co t.co	282 B
2	ads-twitter.com static.ads-twitter.com	4 KB
2	facebook.net connect.facebook.net	98 KB
2	cloudflare.com cdnjs.cloudflare.com	5 KB
2	materialdesignicons.com cdn.materialdesignicons.com	212 KB
2	unpkg.com 1 redirects unpkg.com	5 KB
1	imgix.net driftt.imgix.net	6 KB
1	driftcdn.com embeds.driftcdn.com	11 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	ipify.org api.ipify.org	214 B
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	licdn.com snap.licdn.com	2 KB
1	hs-scripts.com js.hs-scripts.com	862 B
1	github.io kenwheeler.github.io	1 KB
1	hscta.net js.hscta.net	4 KB
282	35

	Domain	Requested by
76	js.driftt.com	www.recordedfuture.com js.driftt.com
55	www.recordedfuture.com	go.recordedfuture.com www.recordedfuture.com
18	load.sumo.com	www.recordedfuture.com load.sumo.com
13	sumo.com	load.sumo.com
13	b.6sc.co	www.recordedfuture.com
7	fonts.googleapis.com	www.recordedfuture.com js.driftt.com
7	go.recordedfuture.com	1 redirects
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.recordedfuture.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cta-service-cms2.hubspot.com	js.hscta.net
3	media.sumo.com	load.sumo.com
3	track.hubspot.com
3	www.google.de	www.recordedfuture.com
3	www.google.com	www.recordedfuture.com
3	www.googletagmanager.com	www.recordedfuture.com www.googletagmanager.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	customer.api.drift.com	js.driftt.com
2	bam.nr-data.net	js-agent.newrelic.com
2	analytics.twitter.com	platform.twitter.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.co	www.recordedfuture.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.recordedfuture.com connect.facebook.net
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	ssl.google-analytics.com	go.recordedfuture.com www.recordedfuture.com
2	static.ads-twitter.com	www.recordedfuture.com www.googletagmanager.com
2	cdn.matomo.cloud	www.recordedfuture.com
2	connect.facebook.net	www.recordedfuture.com connect.facebook.net
2	cdnjs.cloudflare.com	www.recordedfuture.com
2	cdn.materialdesignicons.com	www.recordedfuture.com cdn.materialdesignicons.com
2	unpkg.com	1 redirects www.recordedfuture.com
2	no-cache.hubspot.com	www.recordedfuture.com
1	driftt.imgix.net	js.driftt.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	js-agent.newrelic.com	www.recordedfuture.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.recordedfuture.com
1	www.linkedin.com	1 redirects
1	api.ipify.org	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	platform.twitter.com	1 redirects
1	c.6sc.co	j.6sc.co
1	snap.licdn.com	www.recordedfuture.com
1	j.6sc.co	www.recordedfuture.com
1	js.hs-scripts.com	www.recordedfuture.com
1	kenwheeler.github.io	www.recordedfuture.com
1	js.hscta.net	www.recordedfuture.com
282	56

This site contains links to these domains. Also see Links.

Domain
support.recordedfuture.com
app.recordedfuture.com
go.recordedfuture.com
aws.amazon.com
recfut.force.com
geminiadvisory.io
www.reuters.com
www.washingtonpost.com
theintelligencefund.com
id.recordedfuture.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-23` - `2022-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
cdn.materialdesignicons.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
cdn.matomo.cloud Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.matomo.cloud R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
media.sumo.com R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Frame ID: F8D76AD50AFD12DBE9D2B80C95C82945
Requests: 191 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
Frame ID: 06BCD8D666F4C9508090D063165CEC55
Requests: 45 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: A1D88B07B75CA730D66C63365C0B1058
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V... HTTP 307
https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

282
Requests

100 %
HTTPS

59 %
IPv6

35
Domains

56
Subdomains

47
IPs

3
Countries

4941 kB
Transfer

13776 kB
Size

22
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://support.recordedfuture.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://app.recordedfuture.com/live/login/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/demo
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/marketplace/seller-profile?id=0e798044-1f43-48fa-8621-cf2207e7e204
Title: Learn More

Search URL Search Domain Scan URL

URL: https://recfut.force.com/partnerportal
Title: Partner Portal Log In

Search URL Search Domain Scan URL

URL: https://geminiadvisory.io/who-is-darkside/
Title: click here

Search URL Search Domain Scan URL

URL: https://geminiadvisory.io/ransomware-the-new-cost-of-business/
Title: public report

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/energy/ransom-group-linked-colonial-pipeline-hack-is-new-experienced-2021-05-09/
Title: Colonial Pipeline ransomware attack

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/2021/05/13/gas-stations-await-relief-panic-buyers-while-colonial-pipeline-restores-service/
Title: beginning to restart

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cs/c/?cta_guid=bfb042c4-2edc-4f3e-b748-d104f601ac33&signature=AAH58kFewJ-o_c2zojDxwovhzAezE4LBwA&placement_guid=9210833d-34a7-4597-ade0-03e16dcbc24c&click=6b6280b9-428a-4d7f-ba95-490fa5cd41fc&hsutk=b7289097c5e628e0b34b92bfcd48013f&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&portal_id=252628&redirect_url=APefjpEcGxzFiR6EqPX46UOdU4QEDmY2-Y3xQpsEixXCVDcPEaIMKAqGF7fbdPnSBb7fK0jQKeq0n2e76wdy0uRgAtlL0jlfLeWTZ4fsUdgBl6BqfEn1gqpNHFQvQlRPNDyCA-YZM0dT9PXP_yTqztpLHvAfm-qvVXfY9l8hoiN4VIkiml4xo9qyFmaUgHrIUDzhsHZdUVxXT1P05ukTKNyEWVKUrxnLo-ot8DtOGpBp0PJ5Y4QZNFndYMshkgIzK4KdFjHJ1n1yp4XZAM03ZBr0IpMfFMgxYA&__hstc=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&__hssc=57501621.1.1623372599793&__hsfp=2736934676
Title:

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cs/c/?cta_guid=2e21fef8-db34-4568-83d3-81489939d16f&signature=AAH58kEO7Mkc-CQsSJYexZMSkT3j1hLmbA&placement_guid=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&click=c5e3d4d5-ed4e-4024-92dd-7f0da049a208&hsutk=b7289097c5e628e0b34b92bfcd48013f&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&portal_id=252628&redirect_url=APefjpGSj4b2G57Gn6tK4qW-nBJT3S3yQrAZq8rySfw_MPdR-SDYC6jFrB57lyjqmsXYCum6OSy7sCdwkEvYtb7zhwQdewUmTMPpk6YOweff-Ou1bRKQZRyqBta2iPLjmJoWRtJyqQMbUM2xyzrPXyiUdI-6L_mmCBoe5NJiOb1e3yqSObSNOO0ue-_gXhRWRiG8WrH7MOyCtQhV-M3GKCPtL05wiL4g45OQjKohBUXHeQ9Gz9Co0Vq1mvmHN9NQgG5FsaZWg_QO5joQmxW3MR5pDyelsD4H2w&__hstc=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&__hssc=57501621.1.1623372599793&__hsfp=2736934676
Title:

Search URL Search Domain Scan URL

URL: https://theintelligencefund.com/
Title: The Intelligence Fund

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/cyber-daily
Title: Cyber Daily

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/book-3
Title: Handbook

Search URL Search Domain Scan URL

URL: https://id.recordedfuture.com/login?request_id=eyJpZCI6IjI3OTY0N2RhLWRmNDctNDJmNC1hM2FjLTM5MTM3NTQ1MmQ1NiIsImNsaWVudF9pZCI6InBvcnRhbCIsInJlc3BvbnNlX3R5cGUiOlsiY29kZSJdLCJzdGF0ZSI6IjZ3MUszdFlwNEhaNSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBwLnJlY29yZGVkZnV0dXJlLmNvbS9yZi9hcGkvdjEvbG9naW5fY2FsbGJhY2siLCJzY29wZSI6WyJlbWFpbCIsIm9wZW5pZCJdfQ==
Title: Sign In

Search URL Search Domain Scan URL

URL: https://support.recordedfuture.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RecordedFuture
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/RecordedFuture
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/recordedfuture/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/recorded-future/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/RecordedFuture
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1?_ud=137934bd-0985-4c50-9657-53c3fcee0d95&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://unpkg.com/aos@2.3.1/dist/aos.js?ver=3.6.4 HTTP 302
https://unpkg.com/aos@2.3.1/dist/aos.js

Request Chain 86

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 98

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1623372598678%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%252Fdarkside-colonial-pipeline-breach%252F%253Futm_medium%253Demail%2526_hsmi%253D133017140%2526_hsenc%253Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%2526utm_content%253D133017140%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIruQzSPnyQzgAAAXn4jBAx1x7OsmFWzGSdqwbOztVJ4M7NbOS1wXkWYxb-esrJgOdh1hJd

282 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRS... Show response
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 49ms
49ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc94aab8ba80b2ab11788ebbc5b1eb02496186b89a63dba4a8289f50c53b05fb

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:56 GMT
content-type: text/html;charset=utf-8
cf-ray: 65d6d7a89c1c0601-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a9a251d6300000601b42e7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 03752e80-a283-4257-af84-b724a08cc4cb
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zl%2FuzM1KwytJYsVG0r%2F3YIJdbmBXPo6NezPoqsBD5eHdB9A4guuK1Jd0BPgVFsxS9qhAwj9kk24bGbsrau3XwSHnTI%2BsQl41uDtTGjMfojGIJKTQMGw35CgpA95AJNmMZlNhqmj4r4P1ZJ80OHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=bd12574566559d48bc010022903950f27598b9b9-1623372596; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.recordedfuture.com/darkside-colonial-pipeline-breach/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6...
https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n...

84 KB
23 KB

1416ms
1383ms

Document
text/html

104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3a2c328bc1506fac5490cddaa6b82384c493088b140636e1452181d301a675b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recordedfuture.com
:scheme: https
:path: /darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=60
cf-edge-cache: cache,platform=wordpress
content-security-policy: frame-ancestors 'none'
link: <https://www.recordedfuture.com/?p=56305>; rel=shortlink
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cloud-trace-context: 46c665fe5d98c8f4c041cc4f3cedf46f/2552859083532471201;o=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe2-b-7469d8df64-7f54g
x-styx-req-id: f17600fd-ca4e-11eb-b4d9-9a0fa9cd2454
x-xss-protection: 1; mode=block
x-served-by: cache-mdw17321-MDW, cache-bwi5033-BWI
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1623372597.200549,VS0,VE829
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
cf-request-id: 0a9a251e5d00000221889fe000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65d6d7aa2d140221-ZRH
content-encoding: gzip

Redirect headers

date: Fri, 11 Jun 2021 00:49:56 GMT
location: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
cf-ray: 65d6d7a8fca50601-FRA
link: <https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a9a251d9d0000060172176000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 2b74042e-4f0b-4a7b-9aad-d8e7c741755b
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bbQaOc8vfzwXfc4rWlz%2F27Iv%2Bn1KHi89%2F5SFTzkWb0RlqBSELcc0wdG%2Fz7Kfsox%2B%2FTFjk07XR%2FmuBEELueuaM8g1mbcFnfhubQSP9PpwZ68ITvK4kh84slHXSlrmCl3ZK1jBg4WIoD82awcq%2BYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 materialize.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/ 146 KB
29 KB 18ms
17ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/materialize.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c142f741438550d5cad8e88b6b2952f8f256efda416f35e5a84dd2f6066144d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/css/materialize.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-sbdnp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 29052
cf-request-id: 0a9a2523cc00000221a0b0d000000001
x-served-by: cache-mdw17342-MDW, cache-bwi5055-BWI
last-modified: Wed, 19 May 2021 20:17:12 GMT
server: cloudflare
x-timer: S1623360026.980528,VS0,VE1
etag: W/"60a57248-2491e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 21 May 2022 08:17:23 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2d8580221-ZRH
x-styx-req-id: ce16b7bf-b943-11eb-954b-02ef434f4fb3
x-cache-hits: 1, 1

GET
H2 200 style.min.css
www.recordedfuture.com/wp-includes/css/dist/block-library/ 57 KB
11 KB 23ms
21ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-hs9rn
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 10961
cf-request-id: 0a9a2523cd00000221b9852000000001
x-served-by: cache-mdw17328-MDW, cache-wdc5558-WDC
last-modified: Wed, 09 Jun 2021 19:17:04 GMT
server: cloudflare
x-timer: S1623360026.982195,VS0,VE1
etag: W/"60c113b0-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 06:02:36 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85a0221-ZRH
x-styx-req-id: 74a4d0ad-c9b1-11eb-873c-322628bd3fb9
x-cache-hits: 0, 1

GET
H2 200 blocks.style.build.css
www.recordedfuture.com/wp-content/plugins/cool-timeline-pro/includes/gutenberg-instant-builder/dist/ 11 KB
2 KB 29ms
28ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/cool-timeline-pro/includes/gutenberg-instant-builder/dist/blocks.style.build.css?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60328c2a2fba270c2fc603e556bb6eb41d10cecac5941dfe54e0c071472cc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/cool-timeline-pro/includes/gutenberg-instant-builder/dist/blocks.style.build.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1813
cf-request-id: 0a9a2523cd00000221be14c000000001
x-served-by: cache-mdw17364-MDW, cache-bwi5028-BWI
last-modified: Tue, 01 Jun 2021 17:03:14 GMT
server: cloudflare
x-timer: S1623360026.993213,VS0,VE1
etag: W/"60b66852-2d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 17:03:30 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85b0221-ZRH
x-styx-req-id: 4a6db6b2-c2fb-11eb-a13f-22fc72b05ee4
x-cache-hits: 0, 1

GET
H2 200 dashicons.min.css
www.recordedfuture.com/wp-includes/css/ 58 KB
36 KB 34ms
32ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/css/dashicons.min.css?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 36701
cf-request-id: 0a9a2523cd0000022148231000000001
x-served-by: cache-mdw17335-MDW, cache-bwi5076-BWI
last-modified: Tue, 01 Jun 2021 17:03:25 GMT
server: cloudflare
x-timer: S1623360026.999117,VS0,VE0
etag: W/"60b6685d-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 17:03:30 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85c0221-ZRH
x-styx-req-id: 4a6b7cc4-c2fb-11eb-802b-16d95c1b4906
x-cache-hits: 1, 2

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 23:18:31 GMT
server: ESF
date: Fri, 11 Jun 2021 00:49:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 genericons.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/ 27 KB
17 KB 24ms
23ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=1.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-s7n8b
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 16752
cf-request-id: 0a9a2523cd000002214cbd4000000001
x-served-by: cache-mdw17343-MDW, cache-bwi5042-BWI
last-modified: Mon, 07 Jun 2021 18:58:19 GMT
server: cloudflare
x-timer: S1623360026.000673,VS0,VE0
etag: W/"60be6c4b-6b84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Jun 2022 04:59:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85d0221-ZRH
x-styx-req-id: 4809427b-c816-11eb-b9b0-0a6939d335f4
x-cache-hits: 0, 2

GET
H2 200 font-awesome.min.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/ 30 KB
8 KB 32ms
30ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=1.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-zdbfl
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 7949
cf-request-id: 0a9a2523cd00000221a1b93000000001
x-served-by: cache-mdw17330-MDW, cache-wdc5524-WDC
last-modified: Wed, 09 Jun 2021 05:33:23 GMT
server: cloudflare
x-timer: S1623360026.006760,VS0,VE1
etag: W/"60c052a3-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 06:04:47 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85e0221-ZRH
x-styx-req-id: 983a89bd-c8e8-11eb-85c2-d2b9b30b8f04
x-cache-hits: 0, 1

GET
H2 200 all.min.css
www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/ 51 KB
12 KB 29ms
28ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=1.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 12389
cf-request-id: 0a9a2523ce00000221a13e4000000001
x-served-by: cache-mdw17368-MDW, cache-bwi5043-BWI
last-modified: Mon, 07 Jun 2021 18:58:18 GMT
server: cloudflare
x-timer: S1623360026.005333,VS0,VE1
etag: W/"60be6c4a-ca00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Jun 2022 12:27:59 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e85f0221-ZRH
x-styx-req-id: f5d4259c-c854-11eb-a13f-22fc72b05ee4
x-cache-hits: 1, 1

GET
H2 200 style.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/ 611 KB
82 KB 38ms
37ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ead7c8b3a7ab4739c36bb4d199a3f79d1dc53052345f6cbaf50a899cc1f137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12572
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-swfkk
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 83216
cf-request-id: 0a9a2523ce000002219094a000000001
x-served-by: cache-mdw17364-MDW, cache-bwi5027-BWI
last-modified: Wed, 09 Jun 2021 19:17:16 GMT
server: cloudflare
x-timer: S1623360026.007636,VS0,VE1
etag: W/"60c113bc-98b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 06:32:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b2e8620221-ZRH
x-styx-req-id: 99ab80ed-c9b5-11eb-99cb-2e705eee618f
x-cache-hits: 0, 1

GET
H2 200 jquery.min.js Show response
www.recordedfuture.com/wp-includes/js/jquery/ 87 KB
36 KB 36ms
29ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 36073
cf-request-id: 0a9a25243300000221989bc000000001
x-served-by: cache-mdw17369-MDW, cache-wdc5561-WDC
last-modified: Mon, 07 Jun 2021 18:58:24 GMT
server: cloudflare
x-timer: S1623360027.047282,VS0,VE2
etag: W/"60be6c50-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Jun 2022 12:14:38 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388840221-ZRH
x-styx-req-id: 18d0c686-c853-11eb-802b-16d95c1b4906
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
www.recordedfuture.com/wp-includes/js/jquery/ 11 KB
5 KB 59ms
52ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-s7n8b
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 4565
cf-request-id: 0a9a252433000002219a8e3000000001
x-served-by: cache-mdw17383-MDW, cache-wdc5529-WDC
last-modified: Wed, 09 Jun 2021 05:32:18 GMT
server: cloudflare
x-timer: S1623360027.044815,VS0,VE1
etag: W/"60c05262-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 06:04:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388860221-ZRH
x-styx-req-id: 99065bef-c8e8-11eb-b9b0-0a6939d335f4
x-cache-hits: 1, 1

GET
H2 200 rf-logo-2020-1.png
www.recordedfuture.com/wp-content/uploads/ 4 KB
4 KB 43ms
36ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/rf-logo-2020-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0940efb55fa2f1deb76f9261931ac680e0fc2429e1073e2bafaadc7a32bab6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/rf-logo-2020-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-s7n8b
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4016
cf-request-id: 0a9a2524330000022154b02000000001
x-served-by: cache-mdw17330-MDW, cache-bwi5083-BWI
last-modified: Fri, 03 Jul 2020 11:31:31 GMT
server: cloudflare
x-timer: S1623360027.060161,VS0,VE1
etag: "5eff1713-fb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 117f279a-c9b3-11eb-b9b0-0a6939d335f4
expires: Sat, 11 Jun 2022 06:14:09 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388870221-ZRH
x-cache-hits: 1, 1

GET
H2 200 logo-primary-black-2020.svg
www.recordedfuture.com/wp-content/uploads/ 5 KB
2 KB 32ms
26ms Image
image/svg+xml 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/logo-primary-black-2020.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40bcd63ab74f4ab4d6976033797595ea693379a4186ba951e8059d8f2b63c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/logo-primary-black-2020.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-zdbfl
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1879
cf-request-id: 0a9a2524330000022188a1a000000001
x-served-by: cache-mdw17351-MDW, cache-bwi5021-BWI
access-control-allow-origin: *
last-modified: Tue, 11 Aug 2020 17:58:16 GMT
server: cloudflare
x-timer: S1623360027.073746,VS0,VE1
etag: W/"5f32dc38-141a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 05:33:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388880221-ZRH
x-styx-req-id: 601b099c-c9ad-11eb-85c2-d2b9b30b8f04
x-cache-hits: 1, 1

GET
H2 200 menu-aws-1.png
www.recordedfuture.com/wp-content/uploads/ 7 KB
7 KB 57ms
50ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/menu-aws-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b44433b6d777aed38ed9359c5453bba1fb62c181f99f060b94cc58e457457d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/menu-aws-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 6793
cf-request-id: 0a9a25243300000221b9853000000001
x-served-by: cache-mdw17378-MDW, cache-bwi5038-BWI
last-modified: Thu, 16 Jul 2020 14:51:53 GMT
server: cloudflare
x-timer: S1623360027.077680,VS0,VE1
etag: "5f106989-1a89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 194d7d59-c9bb-11eb-ab43-d22b8ecde9c3
expires: Sat, 11 Jun 2022 07:11:38 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388890221-ZRH
x-cache-hits: 1, 1

GET
H2 200 solution-menu-2.png
www.recordedfuture.com/wp-content/uploads/ 42 KB
42 KB 32ms
26ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/solution-menu-2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc82f513588a417cfb181cd5b2329432cc3b2bb9d1f056e432838a036851aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/solution-menu-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-swfkk
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 42837
cf-request-id: 0a9a25243400000221be14e000000001
x-served-by: cache-mdw17327-MDW, cache-wdc5530-WDC
last-modified: Wed, 02 Sep 2020 14:38:31 GMT
server: cloudflare
x-timer: S1623360027.053406,VS0,VE1
etag: "5f4fae67-a755"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 993b08f2-c8e8-11eb-8f48-2e705eee618f
expires: Fri, 10 Jun 2022 06:04:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888a0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 9210833d-34a7-4597-ade0-03e16dcbc24c.png
no-cache.hubspot.com/cta/default/252628/ 138 KB
139 KB 149ms
142ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/252628/9210833d-34a7-4597-ade0-03e16dcbc24c.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302afd20bcb475384017be6d90a969ca3696523934ea36a340192ee573daa34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5P8DK6BPP0WS79J
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 141151
x-amz-id-2: 3HZLXRfsoZ2cUb2gfp89edYWevEFG22V4DkBOtQ+euTIy3D+Ek/ATb4mwfv52v4ik6MoRWV4mnw=
last-modified: Sun, 21 Mar 2021 16:26:52 GMT
server: cloudflare
etag: "d146c50ec9da4af6792c166bb87015c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wOtPITF0GPSerAgjnVHsM4GFF8YjTpeCk2rMSjEHxzcYvqEpZqUkkvDuTpNmyyT7RYmfjO5I01oYePa1PmYmvyVVE24KoH5HTfs7dnWLL9ZAzKGuHVDJuU1N84Q9h6jblpB06i31EDsMGVwAWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 0a9a25242e0000c2f9981d2000000001
accept-ranges: bytes
cf-ray: 65d6d7b3788cc2f9-FRA

GET
H2 200 current.js Show response
js.hscta.net/cta/ 9 KB
4 KB 35ms
12ms Script
application/javascript 2606:4700::6811:dfcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:dfcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ee2f7ce35c9debc48074853c1f54821a7d1cd2f738a0857cb9754c904bfbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 80
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.36/bundles/current.js&cfRay=65d6d5bd7ebfc2c7-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a9a2524160000c2ea50887000000001
last-modified: Wed, 12 May 2021 09:48:14 UTC
server: cloudflare
etag: W/"1777b53ad85549fa3ece2bc9c51b6340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: QMWar19_03IGFsusYgoXniHbdWzPWjnr
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
cf-ray: 65d6d7b358d4c2ea-FRA
x-amz-cf-id: IdTTijsSmClhlzw3LQriDjOWSVjpn8Ldl-TbSec8vNaQ2xbbf1SRZw==
x-hs-target-asset: cta-embed-js/static-1.36/bundles/current.js

GET
H2 200 a7fb8b5c-b14d-4030-a76d-26dbc96ab43b.png
no-cache.hubspot.com/cta/default/252628/ 36 KB
36 KB 152ms
145ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/252628/a7fb8b5c-b14d-4030-a76d-26dbc96ab43b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c13ac28c11e551e0f2a5a75cde96400e92cec10f23e4c08b42e45ee694532b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5P1C0N5P4P6HHYE
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36409
x-amz-id-2: qotpDknq2WoyYmKX5JtbIm3PAMNA4N80+x+q0/+6AqlF4jq4+ty0KP8jD/h62peSLVFWPKF59E8=
last-modified: Sun, 21 Mar 2021 16:26:52 GMT
server: cloudflare
etag: "97e3ee11b243e4cc44d569cb4bfc06f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eVPuQ9LU9OhW3rfzK5iMGqvpIWQiA4timAPN9qeDHPfdoZKYXTtj2XOg8r2l4XsGsQV7vAz7EgoE6cIg65%2FAPZYGvXpBvTUTBaPQ5Lj8tRgI1qdC682BUMrav1vPDK3mbh7RS4L5fOl86x1rPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-request-id: 0a9a25242e0000c2f96d0de000000001
accept-ranges: bytes
cf-ray: 65d6d7b3788bc2f9-FRA

GET
H2 200 threats-asian-communities-north-america-europe-oceania-list.jpg
www.recordedfuture.com/wp-content/uploads/ 471 KB
472 KB 65ms
59ms Image
image/jpeg 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/threats-asian-communities-north-america-europe-oceania-list.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e77fdad5335a23d6513c37be8cd74470f9f9ab2d24e9245b86e6cb84f919b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/threats-asian-communities-north-america-europe-oceania-list.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10290
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: MISS, HIT
cf-bgj: h2pri
content-length: 482621
cf-request-id: 0a9a25243400000221b3b4d000000001
x-served-by: cache-mdw17347-MDW, cache-bwi5077-BWI
last-modified: Wed, 02 Jun 2021 14:17:58 GMT
server: cloudflare
x-timer: S1623362308.863391,VS0,VE2
etag: "60b79316-75d3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: 5ee284d3-c3ae-11eb-ab43-d22b8ecde9c3
expires: Fri, 03 Jun 2022 14:25:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888b0221-ZRH
x-cache-hits: 0, 1

GET
H2 200 business-fraud-dating-underground-listpg.jpg
www.recordedfuture.com/wp-content/uploads/ 461 KB
462 KB 36ms
30ms Image
image/jpeg 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/business-fraud-dating-underground-listpg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd4dc741e46ea50096170d7a7d9e245eb7362a2c7c85543bcbb960b20da0846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/business-fraud-dating-underground-listpg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10290
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: MISS, HIT
cf-bgj: h2pri
content-length: 472273
cf-request-id: 0a9a252434000002214cbd5000000001
x-served-by: cache-mdw17378-MDW, cache-wdc5539-WDC
last-modified: Wed, 19 May 2021 19:15:03 GMT
server: cloudflare
x-timer: S1623362308.860709,VS0,VE3
etag: "60a563b7-734d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: f0f80b63-c9c5-11eb-ab43-d22b8ecde9c3
expires: Sat, 11 Jun 2022 08:29:15 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888c0221-ZRH
x-cache-hits: 0, 1

GET
H2 200 business-fraud-drops-mules-list.jpg
www.recordedfuture.com/wp-content/uploads/ 382 KB
382 KB 42ms
36ms Image
image/jpeg 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/business-fraud-drops-mules-list.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebe6ee96e6c6b9fc7b032854da493b545d82177f9439202cedd27e6e160841e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/business-fraud-drops-mules-list.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2755
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: HIT, HIT
cf-bgj: h2pri
content-length: 390738
cf-request-id: 0a9a25243400000221a1b95000000001
x-served-by: cache-mdw17342-MDW, cache-bwi5045-BWI
last-modified: Tue, 11 May 2021 14:02:37 GMT
server: cloudflare
x-timer: S1623369844.594769,VS0,VE2
etag: "609a8e7d-5f652"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: c8b24c34-bed0-11eb-a13f-22fc72b05ee4
expires: Sat, 28 May 2022 09:49:09 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888d0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 footer-logo.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 16 KB
16 KB 42ms
36ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/footer-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f972353442840a191a5f341fb188f1afd3521ee2df82f4244a5f8baff94ed6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/img/footer-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16089
cf-request-id: 0a9a25243400000221a13e5000000001
x-served-by: cache-mdw17381-MDW, cache-wdc5577-WDC
last-modified: Wed, 09 Jun 2021 05:33:04 GMT
server: cloudflare
x-timer: S1623360027.050271,VS0,VE1
etag: "60c05290-3ed9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: c32bf1f8-c900-11eb-ac4b-f6160bff9e0a
expires: Fri, 10 Jun 2022 08:57:47 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888e0221-ZRH
x-cache-hits: 0, 1

GET
H2 200 rf-logo-square-white-1.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 2 KB
3 KB 42ms
36ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/rf-logo-square-white-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17254417c7cf571e6b249cceea19081e5e2c079bfe78830375a5ecee085ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/img/rf-logo-square-white-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-swfkk
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2461
cf-request-id: 0a9a252434000002219094b000000001
x-served-by: cache-mdw17357-MDW, cache-wdc5564-WDC
last-modified: Wed, 09 Jun 2021 19:17:16 GMT
server: cloudflare
x-timer: S1623360027.047677,VS0,VE1
etag: "60c113bc-99d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 4e346338-c9b0-11eb-99cb-2e705eee618f
expires: Sat, 11 Jun 2022 05:54:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3888f0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 qppr_frontend_script.min.js Show response
www.recordedfuture.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
946 B 56ms
50ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 568
cf-request-id: 0a9a252434000002217629e000000001
x-served-by: cache-mdw17322-MDW, cache-bwi5035-BWI
last-modified: Wed, 09 Jun 2021 19:17:03 GMT
server: cloudflare
x-timer: S1623360027.061193,VS0,VE1
etag: W/"60c113af-636"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 06:50:36 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388900221-ZRH
x-styx-req-id: 293a8dcd-c9b8-11eb-802b-16d95c1b4906
x-cache-hits: 0, 1

GET
H2 200 jquery.rwdImageMaps.min.js Show response
www.recordedfuture.com/wp-content/plugins/responsive-image-maps/ 1 KB
885 B 56ms
51ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/responsive-image-maps/jquery.rwdImageMaps.min.js?ver=1.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/responsive-image-maps/jquery.rwdImageMaps.min.js?ver=1.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 661
cf-request-id: 0a9a2524340000022194137000000001
x-served-by: cache-mdw17337-MDW, cache-bwi5049-BWI
last-modified: Wed, 09 Jun 2021 19:17:03 GMT
server: cloudflare
x-timer: S1623360027.062476,VS0,VE1
etag: W/"60c113af-45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 05:06:51 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388910221-ZRH
x-styx-req-id: aa71e937-c9a9-11eb-802b-16d95c1b4906
x-cache-hits: 1, 1

GET
H2

200

aos.js Show response
unpkg.com/aos@2.3.1/dist/
Redirect Chain

https://unpkg.com/aos@2.3.1/dist/aos.js?ver=3.6.4
https://unpkg.com/aos@2.3.1/dist/aos.js

14 KB
4 KB

14ms
13ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6925351
vary: Accept-Encoding
cf-request-id: 0a9a2524b800004e079a2bf000000001
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a2f11065789abffdec9e74fcad17e6ee
cache-control: public, max-age=31536000
cf-ray: 65d6d7b459314e07-FRA

Redirect headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01F7W8QY52FZJ9TT5VR38RGPRF
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /aos@2.3.1/dist/aos.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 65d6d7b3c8894e07-FRA
cf-request-id: 0a9a25245800004e073c2ad000000001

GET
H2 200 materialize.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 217 KB
61 KB 55ms
50ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/materialize.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9576157078dda9a522dad222249eeec6e639a856351b9f09451163cec1828ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/materialize.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 61953
cf-request-id: 0a9a2524350000022148233000000001
x-served-by: cache-mdw17382-MDW, cache-bwi5024-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.071272,VS0,VE1
etag: W/"60b64eb4-36305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388920221-ZRH
x-styx-req-id: ff0a8ac5-c2eb-11eb-a13f-22fc72b05ee4
x-cache-hits: 1, 1

GET
H2 200 isotope.pkgd.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 89 KB
27 KB 56ms
51ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/isotope.pkgd.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/isotope.pkgd.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 27654
cf-request-id: 0a9a25243500000221729b6000000001
x-served-by: cache-mdw17326-MDW, cache-bwi5035-BWI
last-modified: Wed, 09 Jun 2021 05:33:04 GMT
server: cloudflare
x-timer: S1623360027.056804,VS0,VE1
etag: W/"60c05290-16506"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 06:43:08 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388940221-ZRH
x-styx-req-id: f35ad8c9-c8ed-11eb-802b-16d95c1b4906
x-cache-hits: 1, 1

GET
H2 200 navigation.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
1 KB 75ms
70ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/navigation.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/navigation.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1179
cf-request-id: 0a9a25243f0000022150080000000001
x-served-by: cache-mdw17340-MDW, cache-bwi5074-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.064325,VS0,VE1
etag: W/"60b64eb4-b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398970221-ZRH
x-styx-req-id: ff0c80d1-c2eb-11eb-a13f-22fc72b05ee4
x-cache-hits: 0, 1

GET
H2 200 skip-link-focus-fix.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 685 B
812 B 74ms
69ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/skip-link-focus-fix.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/skip-link-focus-fix.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-swfkk
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 426
cf-request-id: 0a9a25243f000002214a104000000001
x-served-by: cache-mdw17324-MDW, cache-bwi5033-BWI
last-modified: Wed, 09 Jun 2021 05:33:14 GMT
server: cloudflare
x-timer: S1623360027.059652,VS0,VE1
etag: W/"60c0529a-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 06:04:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398980221-ZRH
x-styx-req-id: 990f8109-c8e8-11eb-8f48-2e705eee618f
x-cache-hits: 1, 1

GET
H2 200 util.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
2 KB 72ms
67ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/util.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773a8f6755c75e51461fb4809413075f96342df2696625580b407967292d915c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/util.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-zdbfl
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1302
cf-request-id: 0a9a2524400000022157b1f000000001
x-served-by: cache-mdw17326-MDW, cache-bwi5049-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.071773,VS0,VE1
etag: W/"60b64eb4-d48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398990221-ZRH
x-styx-req-id: ff0bf90d-c2eb-11eb-85c2-d2b9b30b8f04
x-cache-hits: 0, 1

GET
H2 200 swipe-content.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
1 KB 72ms
67ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/swipe-content.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8207ade6f639887a7838b2903d39de1b3d21a327b031310555676d120e068b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/swipe-content.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-sbdnp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 912
cf-request-id: 0a9a25244000000221488dc000000001
x-served-by: cache-mdw17361-MDW, cache-bwi5024-BWI
last-modified: Wed, 09 Jun 2021 05:33:04 GMT
server: cloudflare
x-timer: S1623360027.068232,VS0,VE1
etag: W/"60c05290-c29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 06:04:35 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3989a0221-ZRH
x-styx-req-id: 9133cb79-c8e8-11eb-954b-02ef434f4fb3
x-cache-hits: 1, 1

GET
H2 200 nodelist-foreach-polyfill.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 242 B
441 B 72ms
68ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/nodelist-foreach-polyfill.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c9b373b81d6e43a3479f52231ac50d2691fd9232042514159be5866a65e40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/nodelist-foreach-polyfill.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 174
cf-request-id: 0a9a252440000002214eae4000000001
x-served-by: cache-mdw17357-MDW, cache-wdc5573-WDC
last-modified: Mon, 07 Jun 2021 18:58:21 GMT
server: cloudflare
x-timer: S1623360027.066630,VS0,VE1
etag: W/"60be6c4d-f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 05:07:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3989c0221-ZRH
x-styx-req-id: a2efa970-c8e0-11eb-a13f-22fc72b05ee4
x-cache-hits: 1, 1

GET
H2 200 smoothscroll.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 11 KB
4 KB 72ms
68ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/smoothscroll.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83e7b0edd83ba89635382f425dfdfd4e2dc0f4c43a059c41dce98cdb1048ab86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/smoothscroll.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-vvpv5
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3373
cf-request-id: 0a9a2524400000022175836000000001
x-served-by: cache-mdw17336-MDW, cache-bwi5033-BWI
last-modified: Mon, 07 Jun 2021 18:58:21 GMT
server: cloudflare
x-timer: S1623360027.075425,VS0,VE1
etag: W/"60be6c4d-2c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Jun 2022 12:54:47 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3989d0221-ZRH
x-styx-req-id: b469289c-c858-11eb-a13f-22fc72b05ee4
x-cache-hits: 1, 1

GET
H2 200 slick.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 50 KB
14 KB 73ms
68ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/slick.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3873a49c77ec8a26f8c7a6f60eff1c0a7884459b5f8d2fcef28ef0ce271792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/slick.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14024
cf-request-id: 0a9a2524400000022195b42000000001
x-served-by: cache-mdw17330-MDW, cache-bwi5057-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.083955,VS0,VE1
etag: W/"60b64eb4-c676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3989e0221-ZRH
x-styx-req-id: ff0e6000-c2eb-11eb-ac4b-f6160bff9e0a
x-cache-hits: 1, 1

GET
H2 200 jquery.matchHeight.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 5 KB
2 KB 73ms
69ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/jquery.matchHeight.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271bc594ffc1d972db7f089f567b29b1174183bcd46c672eb7775226a404a027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/jquery.matchHeight.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-hs9rn
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1694
cf-request-id: 0a9a2524400000022197881000000001
x-served-by: cache-mdw17336-MDW, cache-bwi5038-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.078692,VS0,VE1
etag: W/"60b64eb4-12b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3989f0221-ZRH
x-styx-req-id: ff0da960-c2eb-11eb-873c-322628bd3fb9
x-cache-hits: 0, 1

GET
H2 200 jquery.tabslet.min.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 3 KB
2 KB 76ms
72ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/jquery.tabslet.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5238692ecf23970cbc3bad3899f5ad4913886cd16f0883d22fda406b3324a253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/jquery.tabslet.min.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-s7n8b
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 1305
cf-request-id: 0a9a252441000002217fad5000000001
x-served-by: cache-mdw17377-MDW, cache-wdc5573-WDC
last-modified: Wed, 09 Jun 2021 05:33:04 GMT
server: cloudflare
x-timer: S1623360027.076564,VS0,VE1
etag: W/"60c05290-ceb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 10 Jun 2022 05:42:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a00221-ZRH
x-styx-req-id: 8617094f-c8e5-11eb-b9b0-0a6939d335f4
x-cache-hits: 0, 1

GET
H2 200 vendor.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 101 KB
26 KB 77ms
73ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/vendor.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692f218144b18d4f2c28c9d8d69385106263fb3239fd0ae2b42680202941ba0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/vendor.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-hs9rn
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 26112
cf-request-id: 0a9a252441000002216f89d000000001
x-served-by: cache-mdw17383-MDW, cache-wdc5572-WDC
last-modified: Wed, 09 Jun 2021 19:17:03 GMT
server: cloudflare
x-timer: S1623360027.077819,VS0,VE1
etag: W/"60c113af-19302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 07:52:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a10221-ZRH
x-styx-req-id: d4347e07-c9c0-11eb-873c-322628bd3fb9
x-cache-hits: 0, 1

GET
H2 200 script.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 10 KB
3 KB 73ms
69ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/script.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c759948343b56dd68314bbb6a038d972cdfa4f0a06d31819eb3b5d33ab8fecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/script.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 3124
cf-request-id: 0a9a25244100000221c10af000000001
x-served-by: cache-mdw17344-MDW, cache-bwi5050-BWI
last-modified: Tue, 01 Jun 2021 15:13:56 GMT
server: cloudflare
x-timer: S1623360027.079139,VS0,VE1
etag: W/"60b64eb4-2983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 15:14:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a20221-ZRH
x-styx-req-id: ff0e3bc1-c2eb-11eb-ab43-d22b8ecde9c3
x-cache-hits: 0, 1

GET
H2 200 IGLibrary.js Show response
www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/ 33 KB
10 KB 74ms
70ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/js/IGLibrary.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7e6a6c895c100151dfb452658d754fba7965e3ca95359990486db344d531e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/js/IGLibrary.js?ver=3.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-sbdnp
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 9789
cf-request-id: 0a9a25244100000221a03f2000000001
x-served-by: cache-mdw17334-MDW, cache-bwi5035-BWI
last-modified: Wed, 09 Jun 2021 19:17:03 GMT
server: cloudflare
x-timer: S1623360027.066811,VS0,VE1
etag: W/"60c113af-853a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 06:10:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a30221-ZRH
x-styx-req-id: 8a4d40b3-c9b2-11eb-954b-02ef434f4fb3
x-cache-hits: 0, 1

GET
H2 200 hoverIntent.min.js Show response
www.recordedfuture.com/wp-includes/js/ 1 KB
773 B 73ms
70ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/hoverIntent.min.js?ver=1.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 501
cf-request-id: 0a9a252441000002219f06b000000001
x-served-by: cache-mdw17376-MDW, cache-bwi5026-BWI
last-modified: Mon, 07 Jun 2021 18:58:27 GMT
server: cloudflare
x-timer: S1623360027.065365,VS0,VE1
etag: W/"60be6c53-462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Jun 2022 12:53:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a40221-ZRH
x-styx-req-id: 878ffce0-c858-11eb-802b-16d95c1b4906
x-cache-hits: 1, 1

GET
H2 200 maxmegamenu.js Show response
www.recordedfuture.com/wp-content/plugins/megamenu/js/ 29 KB
6 KB 75ms
72ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-sbdnp
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 6172
cf-request-id: 0a9a252441000002217aa38000000001
x-served-by: cache-mdw17358-MDW, cache-bwi5056-BWI
last-modified: Wed, 09 Jun 2021 19:17:13 GMT
server: cloudflare
x-timer: S1623360027.071007,VS0,VE1
etag: W/"60c113b9-7583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 05:33:23 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a50221-ZRH
x-styx-req-id: 5f57a788-c9ad-11eb-954b-02ef434f4fb3
x-cache-hits: 0, 1

GET
H2 200 public.js Show response
www.recordedfuture.com/wp-content/plugins/megamenu-pro/assets/ 20 KB
4 KB 76ms
73ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=1.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24dc262ca6db1017f88a6f18786dbb088dce4d06f65ed2b4b43cfd8d0cc618b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/plugins/megamenu-pro/assets/public.js?ver=1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 4080
cf-request-id: 0a9a252442000002218b097000000001
x-served-by: cache-mdw17369-MDW, cache-bwi5020-BWI
last-modified: Wed, 19 May 2021 20:17:13 GMT
server: cloudflare
x-timer: S1623360027.120701,VS0,VE1
etag: W/"60a57249-4f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 21 May 2022 06:57:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a60221-ZRH
x-styx-req-id: 9ddc7a25-b938-11eb-ab43-d22b8ecde9c3
x-cache-hits: 1, 1

GET
H2 200 wp-embed.min.js Show response
www.recordedfuture.com/wp-includes/js/ 1 KB
1 KB 76ms
73ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-snd2f
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 779
cf-request-id: 0a9a25244200000221510fb000000001
x-served-by: cache-mdw17362-MDW, cache-bwi5025-BWI
last-modified: Wed, 09 Jun 2021 19:17:19 GMT
server: cloudflare
x-timer: S1623360027.074550,VS0,VE1
etag: W/"60c113bf-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Jun 2022 06:32:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a70221-ZRH
x-styx-req-id: 9e6ce9aa-c9b5-11eb-92ce-bebd5a5f06de
x-cache-hits: 0, 1

GET
H2 200 materialdesignicons.min.css
cdn.materialdesignicons.com/3.5.95/css/ 151 KB
27 KB 102ms
27ms Stylesheet
text/css 185.59.220.193
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-193.datapacket.com
Software: BunnyCDN-DE1-601 /
Resource Hash: 81a0af4b719cd7130599920adcdb46c1baee5556a3bdac934cc13acab1da9d30

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cdn-edgestorageid: 632, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:11:32
cdn-pullzone: 190968
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 26 Feb 2019 05:52:58 GMT
server: BunnyCDN-DE1-601
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=7776000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7b5c0edb4d381777ef5f7321df73cefc
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-29 200 icon
fonts.googleapis.com/ 568 B
365 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 00:49:58 GMT
server: ESF
date: Fri, 11 Jun 2021 00:49:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
860 B 11ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1967990
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 450
cf-request-id: 0a9a25242500004e67600fe000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gfU0Ffd3igOhuKWM0%2BG30BUZ1hchz7hbaw0BZVox1hhzSffKrhATWs5iuaQrxAPsKTl%2BG5CEBLMk74%2BOji4Qxy5m39GZGoFRgdlykFJdAE709krgegjgYDpJZZb9BtWvjtRIjfIS28ykVxDysQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65d6d7b36be64e67-FRA
expires: Wed, 01 Jun 2022 00:49:58 GMT

GET
H2 200 slick-theme.css
kenwheeler.github.io/slick/slick/ 3 KB
1 KB 34ms
26ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://kenwheeler.github.io/slick/slick/slick-theme.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: f80ee53dabe05ff2bf1f890f61d01d9b4a0d47f5
date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
age: 7
x-cache: HIT
content-length: 882
x-served-by: cache-hhn4037-HHN
access-control-allow-origin: *
last-modified: Mon, 02 Jul 2018 12:58:42 GMT
server: GitHub.com
x-github-request-id: 2F02:ED8F:1351293:13CAADD:60C28FD4
x-timer: S1623372598.327727,VS0,VE0
etag: W/"5b3a2182-c49"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 10 Jun 2021 22:25:20 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 57 KB
4 KB 34ms
27ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3122758
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3541
cf-request-id: 0a9a25242f00004e67033b6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S%2Fd%2BjuwvpkLG7xNH3jDZEFklqHdLsjThkOgsYGWY3NyPPRVXgK%2F5cavf5ZNG0S%2BSlGrIGzCPZIomwzEFTL%2BDclPyv7pKXYDRl7ilSDz69B84uVwHSCjuXS2615B%2Bt%2BUw4EJzOeros0DCsXUE%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65d6d7b37bf64e67-FRA
expires: Wed, 01 Jun 2022 00:49:58 GMT

GET
H2 200 lity.css
www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/ 3 KB
1 KB 33ms
25ms Stylesheet
text/css 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/css/lity.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0604167abf2874fdbd5b6d19037baba5d36642b21656c3a6ce6cfef5b6ae8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/css/lity.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-s7n8b
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1025
cf-request-id: 0a9a2524330000022187392000000001
x-served-by: cache-mdw17332-MDW, cache-bwi5069-BWI
last-modified: Wed, 19 May 2021 20:17:16 GMT
server: cloudflare
x-timer: S1623360027.049482,VS0,VE1
etag: W/"60a5724c-cd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sat, 21 May 2022 06:00:07 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b388830221-ZRH
x-styx-req-id: a1073c03-b930-11eb-b9b0-0a6939d335f4
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ebec660886f03bd7502df183186f39bda8d3b820da1d9ca0e1ffa73b2153c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36107
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 905 B
862 B 57ms
12ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e3e7bb32d700b907b9e5c097d8ef3d6961d3642741583c1f924e7762b0e2f50

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 42
cf-polished: origSize=1012
cf-request-id: 0a9a252458000005e48bafa000000001
x-hubspot-correlation-id: ad94e4f3-5f5b-4c5a-ba90-67469c0a259a
cf-bgj: minify
server: cloudflare
x-trace: 2B6DC74EC41BA3063ECED1B5F86B325599751D0DF6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 65d6d7b3bb1e05e4-FRA
expires: Fri, 11 Jun 2021 00:50:58 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 23 KB
8 KB 114ms
29ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 7764
Pragma: no-cache
Last-Modified: Wed, 17 Mar 2021 01:04:50 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "605155b2-5d6b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 12ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: qZiLwkZxF5oCvGJSR5mhRaoihbdTMYNs4p8MNSGZ5dREb9infFa2I/dND3STiODfhRJdzoi7H6BskFG3gomfhw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Jun 2021 00:49:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
55 KB 34ms
16ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca3429d77a75fe901b92a13cf9ae8800fa713d8fdaa63523a8d081d9e25cbfa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56019
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 190 KB
55 KB 76ms
23ms Script
application/javascript 2600:9000:211a:fa00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:fa00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05d91f851a25aaf50298c4e8fe0d4b6e9de001112170c3bb0bb48367f451a515

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Jun 2021 00:03:25 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 01:47:29 GMT
server: AmazonS3
age: 2794
etag: W/"ec4d06881dcf5b43aee140a840e270c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
cache-control: max-age=691200
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: QgUJ5TPfyY80rOSoXA8SSnzhKnvmFQH6COqLLXXG6ytbnSZgN33dsQ==

GET
H2 200 container_nbhoRDM8.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 226 KB
65 KB 76ms
24ms Script
application/javascript 2600:9000:211a:fa00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_nbhoRDM8.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:fa00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6897f1a6622f0773442f9027b0a128f68d11b78abdcc59140a79ba590608f8ee

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 06 Jun 2021 18:13:26 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 01:47:30 GMT
server: AmazonS3
age: 369393
etag: W/"74812def18e3a45b9441048d56970127"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
cache-control: max-age=691200
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: yXUARdnozV75C9ZvkWf5NeA82-vKLDp9LrcRyHBnfcBk12Z6ib_WYg==

GET
H2 200 wp-emoji-release.min.js Show response
www.recordedfuture.com/wp-includes/js/ 14 KB
5 KB 78ms
75ms Script
application/x-javascript 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12571
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 5269
cf-request-id: 0a9a2524420000022183309000000001
x-served-by: cache-mdw17341-MDW, cache-bwi5034-BWI
last-modified: Tue, 01 Jun 2021 17:03:23 GMT
server: cloudflare
x-timer: S1623360027.087355,VS0,VE20
etag: W/"60b6685b-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Jun 2022 17:03:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b398a80221-ZRH
x-styx-req-id: 4b501222-c2fb-11eb-ab43-d22b8ecde9c3
x-cache-hits: 0, 1

GET
H3-29 400 css2
fonts.googleapis.com/ 0
0 33ms
32ms Stylesheet
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Inter:100,200,300,400,500,600,700,800,900
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 mp5rtwcnz2nd.js Show response
js.driftt.com/include/1623372600000/ 214 KB
61 KB 205ms
147ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1623372600000/mp5rtwcnz2nd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8a5530f9cb746480fc0127fc3dab633918dae47d76624bbd330ca2db605f91c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 18:11:56 GMT
server: nginx
etag: W/"4e34e84cb154a5331618ee711964a7b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ge6NAN94qseJSLQKMnhOxe9ClamTIOjs
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FI3k3ZUn1KNqQM-X8L3gBM5DwPVoAi2YY2UZgcF4-Iwqu3J1wGZWkA==

GET
DATA 200
OK truncated
/ 609 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fdd24bd96b3a482bc058d5c9bcfd6f1c664d91bbd47658d65ac5d852535f7fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-brand-protect.png
www.recordedfuture.com/wp-content/uploads/ 4 KB
4 KB 52ms
43ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-brand-protect.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23c7b5a64271af443cbff923966e7878bdbe67654ff666c1619e991be666775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-brand-protect.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-snd2f
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3905
cf-request-id: 0a9a2524550000022154b03000000001
x-served-by: cache-mdw17344-MDW, cache-wdc5550-WDC
last-modified: Wed, 05 Feb 2020 16:09:29 GMT
server: cloudflare
x-timer: S1623360710.780409,VS0,VE2
etag: "5e3ae8b9-f41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 9e75ed4a-c9b5-11eb-92ce-bebd5a5f06de
expires: Sat, 11 Jun 2022 06:32:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8b60221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-secops.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 49ms
43ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-secops.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a09ca406e89e7b1d3172741824df92d81eb000aa3241559c573f1bf17bc4899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-secops.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4735
cf-request-id: 0a9a25245500000221a0b10000000001
x-served-by: cache-mdw17328-MDW, cache-bwi5023-BWI
last-modified: Wed, 05 Feb 2020 16:09:33 GMT
server: cloudflare
x-timer: S1623360710.801216,VS0,VE1
etag: "5e3ae8bd-127f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 7593976b-c9b1-11eb-9d73-f6160bff9e0a
expires: Sat, 11 Jun 2022 06:02:38 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8b70221-ZRH
x-cache-hits: 0, 1

GET
H2 200 icon-threat-intel.png
www.recordedfuture.com/wp-content/uploads/ 3 KB
3 KB 50ms
44ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-threat-intel.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76e86c6a29453f0e15e74069a1e105af353ff07abaf5b7fdbb599e7c3263741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-threat-intel.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-568bv
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2590
cf-request-id: 0a9a2524550000022188a1c000000001
x-served-by: cache-mdw17325-MDW, cache-bwi5073-BWI
last-modified: Wed, 05 Feb 2020 16:09:28 GMT
server: cloudflare
x-timer: S1623360710.812281,VS0,VE1
etag: "5e3ae8b8-a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 3508171a-b93e-11eb-ab43-d22b8ecde9c3
expires: Sat, 21 May 2022 07:37:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8b80221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-vuln-mgmt.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
6 KB 50ms
44ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-vuln-mgmt.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6759e1844268d4ab9f5c8a9c16c245b58c1b5cc8d8361ce751bf8902a0025293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-vuln-mgmt.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5398
cf-request-id: 0a9a25245500000221be14f000000001
x-served-by: cache-mdw17331-MDW, cache-wdc5522-WDC
last-modified: Wed, 05 Feb 2020 16:09:32 GMT
server: cloudflare
x-timer: S1623360710.812444,VS0,VE1
etag: "5e3ae8bc-1516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 05bf44f2-c853-11eb-ac4b-f6160bff9e0a
expires: Thu, 09 Jun 2022 12:14:06 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8b90221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-third-party.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 49ms
43ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-third-party.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7223c0b2ffaafe54a5aa7784420e711a847bde036b3e8050c319e815a4b1aa33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-third-party.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-snd2f
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5241
cf-request-id: 0a9a252455000002214cbd6000000001
x-served-by: cache-mdw17356-MDW, cache-bwi5025-BWI
last-modified: Wed, 05 Feb 2020 16:09:31 GMT
server: cloudflare
x-timer: S1623360710.814319,VS0,VE1
etag: "5e3ae8bb-1479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 9ec8ed67-c9b5-11eb-92ce-bebd5a5f06de
expires: Sat, 11 Jun 2022 06:32:25 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8ba0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-geopoli.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 48ms
43ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-geopoli.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7915f988d90a47aff5003835c6e0255c3cb35247762ff36f005e7f94d5e8fbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-geopoli.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11889
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4916
cf-request-id: 0a9a25245500000221b9855000000001
x-served-by: cache-mdw17349-MDW, cache-bwi5038-BWI
last-modified: Wed, 05 Feb 2020 16:09:30 GMT
server: cloudflare
x-timer: S1623360710.818774,VS0,VE1
etag: "5e3ae8ba-1334"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 946d6148-c8ed-11eb-ac4b-f6160bff9e0a
expires: Fri, 10 Jun 2022 06:40:28 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8bb0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-overview.png
www.recordedfuture.com/wp-content/uploads/ 790 B
1 KB 50ms
44ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-overview.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593f56bb9b00b639f6aadc57954f46080ce233d1bc01ef50f85720df619029f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-overview.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-snd2f
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 790
cf-request-id: 0a9a25245500000221a1b96000000001
x-served-by: cache-mdw17334-MDW, cache-bwi5056-BWI
last-modified: Tue, 17 Dec 2019 15:13:34 GMT
server: cloudflare
x-timer: S1623360710.241289,VS0,VE1
etag: "5df8f09e-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 3a80978d-bebe-11eb-92ce-bebd5a5f06de
expires: Sat, 28 May 2022 07:36:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8bc0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-portal.png
www.recordedfuture.com/wp-content/uploads/ 521 B
791 B 51ms
46ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-portal.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613c27d45e0551e5862b4bbbf3c6f5241f73bc472ff15e84492f9b4f6579c58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-portal.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-vlzg6
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 521
cf-request-id: 0a9a25245500000221a13e7000000001
x-served-by: cache-mdw17374-MDW, cache-bwi5072-BWI
last-modified: Tue, 17 Dec 2019 15:13:47 GMT
server: cloudflare
x-timer: S1623360710.253726,VS0,VE1
etag: "5df8f0ab-209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 6b9acc46-c9b9-11eb-9d73-f6160bff9e0a
expires: Sat, 11 Jun 2022 06:59:37 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8bd0221-ZRH
x-cache-hits: 0, 1

GET
H2 200 menu-integrations-1-36x36.png
www.recordedfuture.com/wp-content/uploads/ 966 B
1 KB 52ms
46ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/menu-integrations-1-36x36.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec19e731a605af29732582f00be3657470562ad2c1059ce01e58feda8f8d141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/menu-integrations-1-36x36.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 966
cf-request-id: 0a9a252456000002219094c000000001
x-served-by: cache-mdw17355-MDW, cache-bwi5056-BWI
last-modified: Sun, 15 Dec 2019 22:09:35 GMT
server: cloudflare
x-timer: S1623360710.262121,VS0,VE1
etag: "5df6af1f-3c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: c0b35271-c8e2-11eb-802b-16d95c1b4906
expires: Fri, 10 Jun 2022 05:22:58 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8be0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-services.png
www.recordedfuture.com/wp-content/uploads/ 5 KB
5 KB 51ms
46ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-services.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1026d9fb308f7ae9af4b10ee43618382be1a6313656b395da90681d6a10b1988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-services.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-d4scp
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4639
cf-request-id: 0a9a252456000002217629f000000001
x-served-by: cache-mdw17343-MDW, cache-bwi5072-BWI
last-modified: Mon, 16 Dec 2019 20:33:19 GMT
server: cloudflare
x-timer: S1623360710.265399,VS0,VE1
etag: "5df7ea0f-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 1c5acfa1-c9bb-11eb-802b-16d95c1b4906
expires: Sat, 11 Jun 2022 07:11:43 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8bf0221-ZRH
x-cache-hits: 1, 1

GET
H2 200 icon-license.png
www.recordedfuture.com/wp-content/uploads/ 872 B
1 KB 55ms
50ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/icon-license.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2af24bfef6358a1c62eb490dcef92470cfd816b84f7fac5c50ae79b1397f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/icon-license.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-snd2f
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 872
cf-request-id: 0a9a2524560000022148234000000001
x-served-by: cache-mdw17327-MDW, cache-bwi5083-BWI
last-modified: Tue, 17 Dec 2019 15:13:28 GMT
server: cloudflare
x-timer: S1623360710.271941,VS0,VE1
etag: "5df8f098-368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 0be4ed50-b942-11eb-92ce-bebd5a5f06de
expires: Sat, 21 May 2022 08:04:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8c00221-ZRH
x-cache-hits: 0, 1

GET
H2 200 darkside-colonial-pipeline-breach.jpg
www.recordedfuture.com/wp-content/uploads/ 628 KB
629 KB 52ms
47ms Image
image/jpeg 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/uploads/darkside-colonial-pipeline-breach.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

365a0eb1df39308dbc95425f4eecdf60112a585749815b36a06c6776ef1b89ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/uploads/darkside-colonial-pipeline-breach.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2755
x-pantheon-styx-hostname: styx-fe2-b-d65d59d6b-hs9rn
x-cache: MISS, HIT
cf-bgj: h2pri
content-length: 643050
cf-request-id: 0a9a25245600000221729b7000000001
x-served-by: cache-mdw17343-MDW, cache-bwi5067-BWI
last-modified: Wed, 26 May 2021 18:10:29 GMT
server: cloudflare
x-timer: S1623369844.606259,VS0,VE3
etag: "60ae8f15-9cfea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: 0105fe0e-c9c0-11eb-873c-322628bd3fb9
expires: Sat, 11 Jun 2022 07:46:45 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b3b8c10221-ZRH
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Origin: https://www.recordedfuture.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 footer-icons.png
www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/ 1 KB
2 KB 17ms
16ms Image
image/png 104.18.13.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/img/footer-icons.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb54e94c545f03932d631cd985aff128d39396abed2de7cbb522b535493d0262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/recorded-future-2019/img/footer-icons.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.recordedfuture.com
referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.recordedfuture.com/wp-content/themes/recorded-future-2019/style.css?ver=3.6.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11888
x-pantheon-styx-hostname: styx-fe2-a-576dd86754-swfkk
x-cache: HIT, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1293
cf-request-id: 0a9a2524c2000002215fb99000000001
x-served-by: cache-mdw17332-MDW, cache-bwi5027-BWI
last-modified: Mon, 07 Jun 2021 18:58:22 GMT
server: cloudflare
x-timer: S1623360710.272539,VS0,VE1
etag: "60be6c4e-50d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f693588c-c854-11eb-8f48-2e705eee618f
expires: Thu, 09 Jun 2022 12:28:00 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 65d6d7b468f50221-ZRH
x-cache-hits: 1, 1

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 73ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: PC8HJ80HEYAQHFM5
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:00:16
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: jgxRCZn8vbPkG8KaDnPuGUfRAMdbsjAflFFPD0sYKVobfoTTePN0uHKV26mxNpbKUJiA1xR9jmg=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:34 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 3bdd3aa23664076230f5e0740d1b4212
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 materialdesignicons-webfont.woff2
cdn.materialdesignicons.com/3.5.95/fonts/ 184 KB
185 KB 74ms
32ms Font
font/woff2 185.59.220.193
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.materialdesignicons.com/3.5.95/fonts/materialdesignicons-webfont.woff2?v=3.5.95
Requested by: Host: cdn.materialdesignicons.com
URL: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-193.datapacket.com
Software: BunnyCDN-DE1-601 /
Resource Hash: 7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5

Request headers

Origin: https://www.recordedfuture.com
Referer: https://cdn.materialdesignicons.com/3.5.95/css/materialdesignicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
cdn-edgestorageid: 722, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:30:47
cdn-pullzone: 190968
content-length: 188316
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Tue, 26 Feb 2019 05:52:58 GMT
server: BunnyCDN-DE1-601
cdn-requestpullcode: 200
content-type: font/woff2
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=7776000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: eafe358903c1f7f82655dbd90a6aab16
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-29 200 194163687656043 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/194163687656043?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fa7c464dab5292a4a003b822fd19f75cc6751830aff4c270daf828735551fa2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75739
x-fb-rlafr: 0
pragma: public
x-fb-debug: RVCWU9Mccs1YtueVZqu8CM5/dd4W46WYkkXwU5SHx2LeMDrYOGUZ2qD2XhRtEhs0ib2s6Iqu5vHIVFqPXaaqEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Jun 2021 00:49:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=81632
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
378 B 74ms
23ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0031d2ca8607154d1b0bf8760ee5d1c8b38fb643abfbd41b08d3677f9e7e4e2

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.recordedfuture.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 246ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A49%3A58%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

17ms
17ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 2315
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623372599.622068,VS0,VE0
x-served-by: cache-fra19173-FRA

Redirect headers

x-tw-cdn: VZ
Date: Fri, 11 Jun 2021 00:49:58 GMT
Server: ECS (frb/6712)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1623372300000/ 63 KB
19 KB 42ms
26ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1623372300000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd9ef4e5f96881b0e06393b01a1be3d5bc305fcd5db934f11cbf624f597a59a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 276
x-amz-server-side-encryption: AES256
x-amz-request-id: SJQKJPMZX85YC9EM
x-amz-id-2: SHNszGV/1nOtcUb2MvV7JSjYOG5Jkm8KuCVJ2NliR9OKsFALGMB+sWmhDysEPehGi0RtGpZ6f28=
last-modified: Wed, 12 May 2021 18:57:36 GMT
server: cloudflare
etag: W/"8b75207fa99f9374d95a48051c8d7d92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 0a9a25253f0000c281a3311000000001
cf-ray: 65d6d7b538efc281-FRA
expires: Fri, 11 Jun 2021 00:50:22 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
15 KB 36ms
20ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792599204b3470d68b161c0b0563d0fd34d94378a0fc469b8237480266bb08a3

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 121
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: FHG0M1M299WXHNR2
x-amz-id-2: BV+r1E/bhhVdWbFYuDZvkNeibDw362x8Z0ubQ71ACXvx7fK6VDBm4c+Fgqu8OaSAJOcOixj7vQw=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:24:50 GMT
server: cloudflare
etag: W/"5866c0147754cfe58ba0160535a2c32e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: PzGKeZbJ72n93.Md6jSBqpQ8wMZpeNuX
access-control-allow-origin: https://therecord.media
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0a9a25254000002b1aa61af000000001
cf-ray: 65d6d7b53f4b2b1a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 11 Jun 2021 00:52:56 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 17ms
17ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 3023
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623372599.589198,VS0,VE0
x-served-by: cache-fra19173-FRA

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1891
date: Fri, 11 Jun 2021 00:18:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 11 Jun 2021 02:18:27 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 30 B
214 B 452ms
115ms Script
application/javascript 50.16.226.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.226.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-226-23.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 4e0b59f1cc02c30bd7937c35c744d703490e5fde77eeefda5d1efc6a7cad4307

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 30
Vary: Origin
Content-Type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2957
date: Fri, 11 Jun 2021 00:00:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 11 Jun 2021 02:00:41 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 86 KB
34 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27449728016a02c64093b4a233d10829aafa71c82ecce4bbdd2f8530816a771a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34821
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Jun 2021 00:49:58 GMT

POST
H/1.1 204
No Response matomo.php
recordedfuture.matomo.cloud/ 0
253 B 150ms
53ms Ping
text/plain 52.59.167.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=www.recordedfuture.com%2F&idsite=1&rec=1&r=134591&h=2&m=49&s=58&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&_id=ff1f194a97111a06&_idn=1&_rcn=hs_email&_refts=1623372599&send_image=0&cookie=1&res=1600x1200&pv_id=RqX5rk&fa_pv=1&fa_fp[0][fa_vid]=d6IHXB&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=CNNbKY&fa_fp[1][fa_fv]=1&pf_net=32&pf_srv=1383&pf_tfr=13&pf_dm1=304
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.167.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-167-155.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin: https://www.recordedfuture.com
Date: Fri, 11 Jun 2021 00:49:58 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 240ms
194ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=click&q=%7B%22event_id%22%3A%22%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=194163687656043&ev=PageView&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&rl=&if=false&ts=1623372598662&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623372598660.1164625877&it=1623372598506&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H/1.1 200
OK configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
360 B 32ms
28ms Script
application/javascript 52.59.167.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=1ck1pc&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.167.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-167-155.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1a1757fa4a848cf6ef3a991a57577eb6c8f9aa4492f8ea855ecdf5f8bdcf228d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:58 GMT
Content-Encoding: gzip
Server: Apache
Content-Length: 118
Vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
Content-Type: application/javascript

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1623372598678%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140...

0
155 B

369ms
153ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIruQzSPnyQzgAAAXn4jBAx1x7OsmFWzGSdqwbOztVJ4M7NbOS1wXkWYxb-esrJgOdh1hJd
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: NWoVRsdghxZQ2LmW7CoAAA==

Redirect headers

date: Fri, 11 Jun 2021 00:49:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1623372598678&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIruQzSPnyQzgAAAXn4jBAx1x7OsmFWzGSdqwbOztVJ4M7NbOS1wXkWYxb-esrJgOdh1hJd
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: A6BWMcdghxZgcwQV4ioAAA==

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
43 KB 24ms
23ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: JMNR2E5CMEK65Y0A
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:49
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: XalRiBeGqeeb8EqfdC2PmWiM7Zr9y8wF9DwedQ+fkIBKqX3tfHjot226VqRr26ZzcWWx7GskzPc=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:11 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 93cc9d4c9c94f14b6223e31f000661ab
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
99 KB 38ms
38ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 00X5DEXAP0E7XNW2
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:48
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: KfBD78JxVn9sYlkF157qwkt+aWuLpEt0DX9iveytSQsTQ9Ke4XmR5Ezh7Xscsf+41OELocw0tag=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:11 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 677ed650b80f5615a487a442c4817a1d
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MV8X7B7&t=gtag_UA_9153858_2&cid=223659066.1623372599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51248bf7921047ec9404bda7a3f7c9cae9ee652d88c016779cbe4dbadb5ade58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35555
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 30ms
30ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3ac71c3ae051581f7cf3ecefdb030e36b15501920e0584c10a84167d516540ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13990
x-xss-protection: 0
server: cafe
etag: 17037312688149531852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 00:49:58 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 27ms
13ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1274139825&utmhn=www.recordedfuture.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&utmhid=1845482640&utmr=-&utmp=%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&utmht=1623372598726&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D93161374.223659066.1623372599.1623372599.1623372599.1%3B%2B__utmz%3D93161374.1623372599.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D133017140%3B&utmjid=1346795680&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAABAAAE~

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
165 B 123ms
123ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 00:49:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 78b25f7b9694966d78eb6f8be320651f116899b1618e2d6437c3611dbda9ed0c
x-transaction: e64de0485d9c2d36
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
117 B 138ms
138ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 00:49:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 78b25f7b9694966d78eb6f8be320651f116899b1618e2d6437c3611dbda9ed0c
x-transaction: aeb0be3fb28e19bc
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1845482640&t=pageview&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=93161374.223659066.1623372599.1623372599.1623372599.1&_utmz=93161374.1623372599.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D133017140&_utmht=1623372598787&_u=aGBCAUADQAAAAC~&jid=1799453667&gjid=127590291&cid=223659066.1623372599&tid=UA-9153858-2&_gid=681406177.1623372599&_r=1&gtm=2ou690&z=329284475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1845482640&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blog%20Tracking&ea=Post%20Type%20Blog%20Tracking&el=Blog%20Tracking%20%7C%7C%20https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&_utma=93161374.223659066.1623372599.1623372599.1623372599.1&_utmz=93161374.1623372599.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D133017140&_utmht=1623372598796&_u=aGDCAUADQAAAAC~&jid=419939823&gjid=421178974&cid=223659066.1623372599&tid=UA-9153858-2&_gid=681406177.1623372599&_r=1&gtm=2wg690539N74N&z=1353384223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/?random=1623372598810&cv=9&fst=1623372598810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa690&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&tiba=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

691d7daa458df06d071f635cc8ec576a929ca26e2146070c81d0aa7fcf878999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=1799453667&gjid=127590291&_gid=681406177.1623372599&_u=aGBCAUACQAAAAC~&z=1093305435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Jun 2021 00:49:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=419939823&gjid=421178974&_gid=681406177.1623372599&_u=aGDCAUADQAAAAC~&z=618747466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Jun 2021 00:49:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=1799453667&_u=aGBCAUACQAAAAC~&z=793682388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=1799453667&_u=aGBCAUACQAAAAC~&z=793682388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=419939823&_u=aGDCAUADQAAAAC~&z=37083264

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-9153858-2&cid=223659066.1623372599&jid=419939823&_u=aGDCAUADQAAAAC~&z=37083264

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003136084/ 42 B
108 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003136084/?random=1623372598810&cv=9&fst=1623369600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa690&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&tiba=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&async=1&fmt=3&is_vtc=1&random=85930575&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1003136084/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003136084/?random=1623372598810&cv=9&fst=1623369600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa690&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&tiba=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&async=1&fmt=3&is_vtc=1&random=85930575&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 00:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1845482640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IP&ea=Sent&_utma=93161374.223659066.1623372599.1623372599.1623372599.1&_utmz=93161374.1623372599.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D133017140&_utmht=1623372599056&_u=aGDCAUADQAAAAC~&jid=&gjid=&cid=223659066.1623372599&tid=UA-9153858-2&_gid=681406177.1623372599&gtm=2wg690539N74N&cd17=91.132.136.68&z=393473209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 21:45:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYllKA8kpYxlBs2Ao

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 11 Jun 2021 00:49:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 195ms
195ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A49%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A49%3A58%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:49:59 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 06BC 4 KB
1 KB 125ms
125ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1623372600000/mp5rtwcnz2nd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6e68323becc53d587a72feb392bf8282e51d08bad025732b74eb5ea33614b7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recordedfuture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.recordedfuture.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 10 Jun 2021 18:11:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: JKDpMNWuf0_pY6hCGa2OL1obxoiHqA7q
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 11 Jun 2021 00:49:59 GMT
cache-control: no-cache
etag: W/"a7c96fb9029f3d5291c6251152e7d5d9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g8_m-HPuJ835ushYnbMK0hIjfwS3exYDaHWtfQGzA1P4jxv98EX8cw==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame A1D8 4 KB
1 KB 122ms
122ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1623372600000/mp5rtwcnz2nd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6e68323becc53d587a72feb392bf8282e51d08bad025732b74eb5ea33614b7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recordedfuture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.recordedfuture.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 10 Jun 2021 18:11:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: JKDpMNWuf0_pY6hCGa2OL1obxoiHqA7q
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 11 Jun 2021 00:49:59 GMT
cache-control: no-cache
etag: W/"a7c96fb9029f3d5291c6251152e7d5d9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DLk_bu-nSgzmdfF7oxfAKsjyhu2lgdvK4cbxHW9x9W2Fcf69yfE_Og==

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 18ms
17ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1209.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding: gzip
etag: "ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id: 5748RK4XNY0JFAXS
x-cache: HIT
content-length: 11738
x-amz-id-2: Bgz/pgtJbcxVQT1M95LrS9P8w6ydNOlS7rqz4RAI+tM5Ek3RKKQrMB0BxrzJZwT8Jt6pEpDvSuo=
x-served-by: cache-fra19171-FRA
last-modified: Thu, 20 May 2021 23:21:18 GMT
server: AmazonS3
x-timer: S1623372600.795256,VS0,VE0
date: Fri, 11 Jun 2021 00:49:59 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3034

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 6 KB
2 KB 153ms
145ms Script
text/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?__hsfp=2736934676&__hssc=57501621.1.1623372599793&__hstc=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&hsutk=b7289097c5e628e0b34b92bfcd48013f&pg=9210833d-34a7-4597-ade0-03e16dcbc24c&pid=252628&sv=cta-embed-js-static-1.36&utm_medium=email&lag=1365&rdy=1&df=a

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7407b5777263dd854442f600dc0112bdd434f4a6cb2a84bbf4ffd6fb89e726f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7e4e4db8-6d0b-4b38-ab16-dde118fefbd6
cf-ray: 65d6d7bccb11c2f9-FRA
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9a2529fd0000c2f95885a000000001
server: cloudflare
x-trace: 2B41EA3938BA86AA9F4BB61CC2D5D8329321432DD6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zYWAtE7sq6rW3xJJbB2N%2BiJ90Pgkuw9tRSEWJUXg6xfRJ1%2Fl1DeZJ6SMj158fA5ogSQEXX6DEltYhRI3LnlrKNKQzSM9edWPaiG3vP3DCz29iUMIAT6BP1lzczBrIIrVP3m1sIl7XH%2F04kM%2BmzbxyNZR3hAH"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 7 KB
3 KB 121ms
113ms Script
text/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?__hsfp=2736934676&__hssc=57501621.1.1623372599793&__hstc=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&canon=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&hsutk=b7289097c5e628e0b34b92bfcd48013f&pg=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&pid=252628&sv=cta-embed-js-static-1.36&utm_medium=email&lag=1364&rdy=1&df=a

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eef77b75ba6e819074e8060dba3fe81f8aa70303c93d30548b42931bf73433e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fe43ad0b-463f-4532-a3dd-eb2218106139
cf-ray: 65d6d7bccb12c2f9-FRA
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9a2529fe0000c2f9ad02d000000001
server: cloudflare
x-trace: 2B0021A2FA2D724DF84A54AD309B231094FF6B9085000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=41sZ6TvOLNphfdbZWZHZyYoSXb8kiOK0xYTaqooSoc0oMAYNJJHoVw5FjJnwYfakF%2F1MRRPm8%2Fgfpi8BUGySHbIQ%2FRMnbRZeJjXg09VXLX90x0qGwhMQTXpb8csBWcJUGkR6eRyc3o2DWpfqLa8pTNs4hOFX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
722 B 35ms
34ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&t=Who+is+Darkside%E2%80%94The+Group+Behind+the+Colonial+Pipeline+Breach%3F&cts=1623372599798&vi=b7289097c5e628e0b34b92bfcd48013f&nc=true&u=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&b=57501621.1.1623372599793&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fe318cd9-aa70-47b7-8c0f-06ae4a6cfba9
cf-ray: 65d6d7bccb10c2f9-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0a9a2529fd0000c2f9782e4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cUU%2BfOfTv2uddowLUywj0X8zISt19sZZmfN8OUFydg4JlBHP7XkVFFDxifcfB7jFo7wjU1RYlRC0T2oI45hcOJgB37tkADjfOKOa0eNGJ42ARBlXCwwbhl83%2BYryxdm4BH4mVZpdkTXlCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
280 B 127ms
126ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 00:49:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 164b32388b5bc0b56e29c682de487ad8ad9911d670fc72aef8482e778d0aabc9
x-transaction: a77c5fae66f20d65
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
234 B 132ms
131ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv0r6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 00:49:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 164b32388b5bc0b56e29c682de487ad8ad9911d670fc72aef8482e778d0aabc9
x-transaction: e0e2db144820d9d4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recordedfuture.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:14:26 GMT
x-content-type-options: nosniff
age: 214533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:14:26 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 953 B
1 KB 610ms
200ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

399105333fa5f4fd6ff5aea4506dc6d3ae44496bda62bc25b34ef7a2f75e0b20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 953

GET
H/1.1 200
OK da2b64f2d4 Show response
bam.nr-data.net/1/ 57 B
275 B 516ms
128ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/da2b64f2d4?a=155511080&v=1209.f04e2b9&to=ZVxUY0UAD0AEAENQClwWd1RDCA5dShBeVwJeXA%3D%3D&rst=3186&ck=1&ref=https://www.recordedfuture.com/darkside-colonial-pipeline-breach/&ap=762&be=1581&fe=3153&dc=1915&perf=%7B%22timing%22:%7B%22of%22:1623372596633,%22n%22:0,%22f%22:155,%22dn%22:156,%22dne%22:157,%22c%22:157,%22s%22:168,%22ce%22:187,%22rq%22:188,%22rp%22:1571,%22rpe%22:1584,%22dl%22:1573,%22di%22:1877,%22ds%22:1915,%22de%22:1918,%22dc%22:3146,%22l%22:3152,%22le%22:3178%7D,%22navigation%22:%7B%7D%7D&fp=1803&fcp=2184&at=SRtXFQ0aHE4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 runtime~main.f8467414.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 5 KB
3 KB 21ms
19ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

305e3f63a9ea36a8d35776ba48bb8baa08ecd8e678931dd689200a418456649b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:08 GMT
server: nginx
etag: W/"d5316e5389640d578282851792867cdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eKnBHVaSDcvsdLXjDGbhresHjhYedTjD
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QNs9APxvZ-dIL9_2oNin4yn5rlmXQcUc9A_EGebrfag7WmCTUQznQA==

GET
H2 200 42.1d3e72f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 40 KB
12 KB 23ms
20ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"6bafacd7106b1f1a919e0d9db9ac2d45"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PsraKE5Rqpn1WCq0VTYjZOvkR1qNgwsQ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 35MR5i9wZVTZrxGrDG9QBbt70xqFTzkOljYjR26eloN3BWXiVpboLA==

GET
H2 200 25.3ad21d5f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 42 KB
12 KB 25ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3ad21d5f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"505015ae57a46f8d45f6393ec7549ede"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Mo_zy1ksUoC1wF0C0Kb2Mfkbb80QKle1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nmwCEhnO7ANQttR13QwKLuFVqSWzR_DfBXtwxgB6R6jqHL8KtfBU4g==

GET
H2 200 40.f7d72950.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 23 KB
7 KB 25ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.f7d72950.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"8d32077d11bf130936ad9f6b2796c9e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IztndX_FtIwJA1wjdnknjusFhKQvrAWn
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WdfPvxVwS86IOxEygML1XkWSoIXA6S5Cw8OEdlZ0rRQRQO9rSXaE8Q==

GET
H2 200 22.9acf1962.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 16 KB
5 KB 27ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.9acf1962.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"8270d313e55bc5cda4436c12c7c8efca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BDxh3Fo2DoBJW9cBWFp5.5s4o4CX96EV
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9xO4-de_PwplL0jvtE5_3hVLj3nHbMcqdHEnGk5klv6xmwnfuLYLGg==

GET
H2 200 36.2cef282c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 17 KB
6 KB 27ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.2cef282c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"927e45b8993175159e1e9856122c937c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ao6lr74fcDw5JSJPXySF7ZNwybNy8h6G
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DP7Lf3hhxT7hvfoBADxmn7LCPEAvdsxPAApCm2W52d3HrVd_-ObmXw==

GET
H2 200 32.48b4a528.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 48 KB
15 KB 27ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.48b4a528.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"a78e63a18295c0d6b9b738183ec44511"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u_Z8TtISpqZ_5Q3EUL9.qOa_OzI.rDBV
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t33rv-Yi2MtFw1mSNL2WtBZMv0a8LyfD0cBOu3w6xA8jvHATRLKvWA==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 29 KB
8 KB 27ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _MR_pPqbvTblIpDTB5BnDQRPG4CalnDFvpqeaccl3bz1Qpqf7IIfaQ==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 39 KB
10 KB 27ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 6666897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MzIZE0mgaY7m.fGb.LX9IlVUAL8cjvev
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FU0Bn33jsAu5jn4qQ6onip3Wy_gJgXZvP77qTuXh_-O1O9DdIraKDg==

GET
H2 200 38.352fecdd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 52 KB
18 KB 27ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.352fecdd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"f5344e718d92b730a8438d79fcbc17e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6tdMMIlFk57Tdpv5c9NuZd0QguYiTalf
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tpjmO_dNXNwUdXTVtADqm1oAIXnqi6FbcGxzWi9SQMkuKOgAHxmELw==

GET
H2 200 35.57bc2812.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 24 KB
10 KB 37ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.57bc2812.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"3749f56217551e2a96eef995213d9832"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OYsSCDH.OueWQ7Fjc3Wye7OLkxk5vnaR
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _oumtFTpBtnI1CaKtO2OCxzSTnnb35OEzoXAhGQ2REXn8PC5wQLAUA==

GET
H2 200 24.7bbe74f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 14 KB
5 KB 38ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.7bbe74f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"c7ac762c256cb1f0ca73524a8cd0714b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nlhdhxhcru.01V0uXFfcDupLe.RJ8qN2
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6ymQILfHA42RbHCzrZbP3wKMJlc8at0sOSLsIqC6D7og2t6k8K0_2g==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 60 KB
21 KB 38ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nTevVghY3YiEJTJ87nns5HrsAlyAcCCYECikYASftD-Zpqb7XZexZA==

GET
H2 200 main~493df0b3.74141887.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 21 KB
7 KB 38ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.74141887.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:03:54 GMT
content-encoding: gzip
age: 193565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 18:42:42 GMT
server: nginx
etag: W/"01f7cb02a3313d3a0b5f194c6db0705f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Te02jZyQg2jBgFXG29moFYWHcmYCkUxU
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D11AgigDlgADYgFNs1u8IdttcXA9ARE1V4IhYt2AyRBqJAvyvtva-g==

GET
H2 200 main~970f9218.36085d6c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 65 KB
17 KB 38ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.36085d6c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

aef0d2e070e93be6c5e0aab807ccd79bd79582e05ab72de313f85c94828d5a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:03:54 GMT
content-encoding: gzip
age: 193565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 18:42:43 GMT
server: nginx
etag: W/"f5b542b6c11c933ce9a4c73e8795cb14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZhMUR0zC2QNyCHG2GziHcwq20SYQylXW
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rc_rgQLpF6etb4B8VXAnq_ZNZ4JIHRFkOXDjgCCD8f75cQ-lrthrvg==

GET
H2 200 main~89e24786.4ef06ffd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 65 KB
18 KB 38ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.4ef06ffd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:32:16 GMT
content-encoding: gzip
age: 202663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 15:23:26 GMT
server: nginx
etag: W/"1231cd411994e9ad2fdb7904122da2f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Yakx1ozrO4t6dW4GRtuoyMsxMyvL.SMq
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J5eHfjZ09tKv8ODLnfXqOidUGJncm-1M7HsYpNCRet3vGh--mX8zGg==

GET
H2 200 main~53ca99a6.ec52d756.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 30 KB
10 KB 38ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.ec52d756.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

880f4e93ae7ed8a4b6f6920ae622cfb15ad63e4f8d1b1e7f599b37d487ce2292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:08 GMT
server: nginx
etag: W/"c627de88af058cc3aecc7e6ab97cdd66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: thpFT7z_iwBSSxu.Bqk7Ebl91OSAqdHz
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A7wjplQfktV4n09K_A0NMdXjQnQpahfYh-ZwFnKv6Io-02pef7hBFA==

GET
H2 200 runtime~main.f8467414.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 5 KB
3 KB 35ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

305e3f63a9ea36a8d35776ba48bb8baa08ecd8e678931dd689200a418456649b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:08 GMT
server: nginx
etag: W/"d5316e5389640d578282851792867cdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eKnBHVaSDcvsdLXjDGbhresHjhYedTjD
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 96TFPt0EBji4AK6OtLtU6uewqy5lngwcb5OjyqaxDRaThli15cTcVg==

GET
H2 200 42.1d3e72f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 40 KB
12 KB 35ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"6bafacd7106b1f1a919e0d9db9ac2d45"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PsraKE5Rqpn1WCq0VTYjZOvkR1qNgwsQ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UoqHI_RiYh7FBw6SdrlOBh2zHkOEyH1sgMHG0GeOD2SX6bnw5SV1VA==

GET
H2 200 25.3ad21d5f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 42 KB
12 KB 34ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3ad21d5f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"505015ae57a46f8d45f6393ec7549ede"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Mo_zy1ksUoC1wF0C0Kb2Mfkbb80QKle1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hgvNOz_EyLYPqhZRgr9dOShoND_9RwYTIDKvY1i-_y5WE45rLNPZxA==

GET
H2 200 40.f7d72950.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 23 KB
7 KB 34ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.f7d72950.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"8d32077d11bf130936ad9f6b2796c9e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IztndX_FtIwJA1wjdnknjusFhKQvrAWn
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 286TbuMS7x-l-kl9381NC0UNx-PspcD5mXOAIE0E4keL2l3AOKXtRQ==

GET
H2 200 22.9acf1962.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 16 KB
5 KB 35ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.9acf1962.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"8270d313e55bc5cda4436c12c7c8efca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: BDxh3Fo2DoBJW9cBWFp5.5s4o4CX96EV
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bR71oKXIISgPY7-AVbktcpbXSeB5Z0dV5-Z5ghEKDGfSlMLMWXI2dg==

GET
H2 200 36.2cef282c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 17 KB
6 KB 35ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.2cef282c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"927e45b8993175159e1e9856122c937c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ao6lr74fcDw5JSJPXySF7ZNwybNy8h6G
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N37MLoeQwNRnjJJX0ovmjEq_sjsPNkBFUljnR6ufmfTRVXlxwPie5g==

GET
H2 200 32.48b4a528.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 48 KB
15 KB 35ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.48b4a528.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"a78e63a18295c0d6b9b738183ec44511"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u_Z8TtISpqZ_5Q3EUL9.qOa_OzI.rDBV
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DjhhGXC-ND_ukE-EGFG7cwezKoo74GJnfdL5pSP2Re8BmB4GpAcGkQ==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 29 KB
8 KB 34ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mwIDvkNBfIEbVRametstfscSMyYCD6dBsPtPeg6xTvs8ZzUaffkC5w==

GET
H2 200 19.96441b8b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 39 KB
10 KB 34ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.96441b8b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 6666897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:09 GMT
server: nginx
etag: W/"854e298ba40cc0c37109059dacdab629"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MzIZE0mgaY7m.fGb.LX9IlVUAL8cjvev
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -68_ALlZ4ErT_ZKWcoLurfThzst2c6wztIkhqWq8ivYgFa75APdJlg==

GET
H2 200 38.352fecdd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 52 KB
18 KB 35ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.352fecdd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:43 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"f5344e718d92b730a8438d79fcbc17e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6tdMMIlFk57Tdpv5c9NuZd0QguYiTalf
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 62H-P-uirGRvzjPus3dpxQcCJrCWfEKELWhRyE62_zTtj4LmjOMPSQ==

GET
H2 200 35.57bc2812.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 24 KB
10 KB 35ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.57bc2812.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"3749f56217551e2a96eef995213d9832"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OYsSCDH.OueWQ7Fjc3Wye7OLkxk5vnaR
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Co8NHqBNomsXzn_RRUUvqw6SOWNGCSCjmGPmYZpD4O0xMyZYAO0f6g==

GET
H2 200 24.7bbe74f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 14 KB
5 KB 35ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.7bbe74f0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"c7ac762c256cb1f0ca73524a8cd0714b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nlhdhxhcru.01V0uXFfcDupLe.RJ8qN2
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BI3tK4N8twCFqsYsAf51X1CZ9Hkq_AW_XppFIZ_qX0OJU8NeQRmdPQ==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 60 KB
21 KB 35ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x1Tce_9mjJpDGdu4H2Zd3PNK9-npVuNJq0MGtPfMhEVjfd02xhwCkg==

GET
H2 200 main~493df0b3.74141887.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 21 KB
7 KB 35ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.74141887.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:03:54 GMT
content-encoding: gzip
age: 193565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 18:42:42 GMT
server: nginx
etag: W/"01f7cb02a3313d3a0b5f194c6db0705f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Te02jZyQg2jBgFXG29moFYWHcmYCkUxU
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gEBlZKuan6rgMCwVALv-HDGtDPdSjlUQmDleH4NfpThmOJLBiuas6Q==

GET
H2 200 main~970f9218.36085d6c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 65 KB
17 KB 35ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.36085d6c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

aef0d2e070e93be6c5e0aab807ccd79bd79582e05ab72de313f85c94828d5a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:03:54 GMT
content-encoding: gzip
age: 193565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 18:42:43 GMT
server: nginx
etag: W/"f5b542b6c11c933ce9a4c73e8795cb14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZhMUR0zC2QNyCHG2GziHcwq20SYQylXW
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s_uCoztggOWzHtj9Tq3vn8f576965Jhs1bFO-On2Adj8UKe1carsXg==

GET
H2 200 main~89e24786.4ef06ffd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 65 KB
18 KB 35ms
34ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.4ef06ffd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:32:16 GMT
content-encoding: gzip
age: 202663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 15:23:26 GMT
server: nginx
etag: W/"1231cd411994e9ad2fdb7904122da2f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Yakx1ozrO4t6dW4GRtuoyMsxMyvL.SMq
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uNpafY7D3GtZm-JbWiDqM1qCBq3oEDraBpyqiJCj0ckc0jbHuiYIGw==

GET
H2 200 main~53ca99a6.ec52d756.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 30 KB
10 KB 35ms
34ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.ec52d756.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

880f4e93ae7ed8a4b6f6920ae622cfb15ad63e4f8d1b1e7f599b37d487ce2292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:08 GMT
server: nginx
etag: W/"c627de88af058cc3aecc7e6ab97cdd66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: thpFT7z_iwBSSxu.Bqk7Ebl91OSAqdHz
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _kTpxBU3MDI7yztiPqFcceYvn1H2gZLIx2z0pG5pP-7RSw2y3YokFQ==

GET
H3-29 200 __ptq.gif
track.hubspot.com/ 45 B
792 B 48ms
37ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a7fb8b5c-b14d-4030-a76d-26dbc96ab43b%22%2C%222e21fef8-db34-4568-83d3-81489939d16f%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&t=Who+is+Darkside%E2%80%94The+Group+Behind+the+Colonial+Pipeline+Breach%3F&cts=1623372599926&vi=b7289097c5e628e0b34b92bfcd48013f&nc=true&u=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&b=57501621.1.1623372599793&cc=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:49:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2d210352-4d6b-41a8-9dac-ebd086ead63d
cf-ray: 65d6d7bd9b81dfcf-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0a9a252a830000dfcf62088000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9ZHCL8vxgXCd67cuaP%2BsGPJZruynnxV4a0WXYa4078MEBfWwH1YXYAUxhEkEuUttd5zbMnjb6HRm0jUCuOtuK4NOY8QLRN5ZeCBxleoXYyfhsEKyJSjj%2FEHZk5WeLB7mG9I5pzolB6crng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
729 B 131ms
131ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=252628&pg=a7fb8b5c-b14d-4030-a76d-26dbc96ab43b&lt=1623372598432&dt=1623372599796&at=1623372599937&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: e89e67fd-054a-4856-91b5-0aaa9812053e
x-trace: 2B9DF66433C7233D65A2F42BACDD98955E2001F07E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B8aPgHYlE82jErzCvf5ZnOeZUJjDLBlzqjz4phT80ic%2FMu7Wa%2FmkbEwyVTZ9Z%2BgT7BaEiapVXAewok4OMjTz544R0juZUlRqD37mOg7rxFfJjkP4eEWJ3mWC205wMWoKQk4nVDZsm1NHq2A1j8%2FJsEFrurev"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 65d6d7bd9b82dfcf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9a252a830000dfcf6b96d000000001
x-robots-tag: noindex, follow

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 320 KB
0 23ms
22ms Media
video/mp4 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 0a9a252a8f00000601b43b2000000001
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 1379176
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 57Z0CXS092WQWW5Y
etag: "00a848b44bdd5610587cef8a45019e4e"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Fri, 11 Jun 2021 00:49:59 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-4269036/4269037
Content-Length: 4269037
x-amz-id-2: T5G39U4gPxp71FLSbTkiy+kJFB+0KT7m9qyOZ9++sDSpjSxrzt3j104uE6XN7upP1eLvf/QSY1Q=
x-amz-meta-index-tag: all
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1tbP%2BmTNGg%2BYnVBBaEddiyo7rGx3Tsj7kh9TSo52QMBdojPQSb3n4iclmDWH4nhyfcFb8qzbkaIzmgHtZxSO8Cpz3d%2FXKKBaryp3noL0pI7N1vhpQcxlSFL%2B2YWE%2B78wvtCvGZ0%2FixnKV2jh8U4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
cf-ray: 65d6d7bdba960601-FRA
x-amz-cf-id: RJ6Js6hTRGek8vcNSPOCq1is0FMY_8jEOQ60Br1OnX9ose5QHdZlLQ==

GET
H3-29 200 __ptq.gif
track.hubspot.com/ 45 B
762 B 28ms
28ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%229210833d-34a7-4597-ade0-03e16dcbc24c%22%2C%22bfb042c4-2edc-4f3e-b748-d104f601ac33%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&pu=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&t=Who+is+Darkside%E2%80%94The+Group+Behind+the+Colonial+Pipeline+Breach%3F&cts=1623372600001&vi=b7289097c5e628e0b34b92bfcd48013f&nc=true&u=57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1&b=57501621.1.1623372599793&cc=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cda7b167-435b-40d7-a9a4-393f894ae651
cf-ray: 65d6d7be0bf5dfcf-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0a9a252ac30000dfcf5d229000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qGOoTznv%2BN21VCgvAiFPB3%2FiN2IhaKFvGmOr6y4oHDkSCXbVhRxwEjL4UozvrTufxgkTRO2hMRMe%2FIA66GRRQNGZCIvT34KZruw%2BP7MRZ%2ByOZSDKIanWjv44tyeiFlyYWUVv1Bl7II7Hmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
723 B 140ms
140ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=252628&pg=9210833d-34a7-4597-ade0-03e16dcbc24c&lt=1623372598430&dt=1623372599795&at=1623372600013&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 14db87f3-ab9f-49b3-a04a-e8be270b574f
x-trace: 2B41E9732537350C1B6E652562CF9665E5EEE2BBA9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QroyshKFu2NfwH8NlP3jx%2BLJyFCjADMbbfNAYWz8cv7LQpb5mzQZLlaGj9506i9BLpiyds5vrnNEeK11lc2B1wSgtKkQ6KXJ6Nr6KvGuYf3PrQLkEAToKj0R0J4bBeA4oU8DXyJh8T7rj0lnXEBaBk9AYoiR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 65d6d7be1c05dfcf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9a252acf0000dfcf77a83000000001
x-robots-tag: noindex, follow

GET
H2 200 39.f00f9225.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 6 KB
3 KB 22ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.f00f9225.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"ba8635d920070dde24a0a4a9e3177b21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QT91uxvWeWY83BLBOcxyM7AH84IphadG
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V7JWUbPhj0BRZOyqeYD50yoWNvdxumlWgqqQzqmUsYUeJEZkQb4FQg==

GET
H2 200 37.44c05d56.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 107 KB
34 KB 22ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.44c05d56.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"714e6baa2fa3579ac720cb0419c3f11a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _Oz3INBC0zU_UOCtnzVzgHjtUphoYphb
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rIs8yX33QJMET1aQ4lwocg9AVYe5R-EPtOvqMrVrt2QnoCs3XiKbeQ==

GET
H2 200 30.5caeefdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 27 KB
9 KB 22ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5caeefdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:09:32 GMT
content-encoding: gzip
age: 722428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2021 14:32:01 GMT
server: nginx
etag: W/"607a066f07dd87bede92756538ea6d80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HzzKPa6xFWL2fxirUfNCU25XGWCU2.Qz
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6Cz5ByXRICyeJoO_LlAKkTJJWyMYZK_Sai7Mw5PcFwqB_rtpRzKzxw==

GET
H2 200 33.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 1 KB
1 KB 24ms
24ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.4335bc3d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8r_1brQGQIS6Tv5aX1yn9Rddg.QFD01
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QmbVch9QIFjrpwmb9fNcQztPX9NClhUTzLK8Q4196UDZTBBjfpCBHA==

GET
H2 200 33.8b7360bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 5 KB
2 KB 24ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.8b7360bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0cfc04a7b9b3897c3dc90a86a832c2b254bd6efe7afadcd047dd5665acb3a57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"db736afb31031d9d81ff0914624a9a40"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kEXwyPsPoozlcxkBltzqDcgOYqgc5.WS
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t3CT7-jHgHfGaqWTasBwRlLebRyhLUHDwI6xG2gv8bsaLPdSKSCKdg==

GET
H2 200 39.f00f9225.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 6 KB
3 KB 22ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.f00f9225.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"ba8635d920070dde24a0a4a9e3177b21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QT91uxvWeWY83BLBOcxyM7AH84IphadG
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y6Dca_faQcHFbwXEmsbpz8bb1bphC0IYQ07SVBw9BR1C6Ve89665wA==

GET
H2 200 37.44c05d56.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 107 KB
34 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.44c05d56.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"714e6baa2fa3579ac720cb0419c3f11a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _Oz3INBC0zU_UOCtnzVzgHjtUphoYphb
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8vDHVCkDHbweL4KghkySr9QOewtKoqgeKoWbr0Hc2mXfMDp7x2UmTw==

GET
H2 200 30.5caeefdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 27 KB
9 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5caeefdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:09:32 GMT
content-encoding: gzip
age: 722428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2021 14:32:01 GMT
server: nginx
etag: W/"607a066f07dd87bede92756538ea6d80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HzzKPa6xFWL2fxirUfNCU25XGWCU2.Qz
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H0ZR-8AElkJUwuVn1y0GfzLwhU4wcvFGMrGFP03fBoCCaD1fokEi-w==

GET
H2 200 33.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame 06BC 1 KB
1 KB 23ms
22ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.4335bc3d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8r_1brQGQIS6Tv5aX1yn9Rddg.QFD01
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mp0b4fJaPfXzHRsdwMm0jRnoQQEumgnVB8lyDjIGrkVPrJJ1rqhBpA==

GET
H2 200 33.8b7360bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 5 KB
2 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.8b7360bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0cfc04a7b9b3897c3dc90a86a832c2b254bd6efe7afadcd047dd5665acb3a57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"db736afb31031d9d81ff0914624a9a40"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kEXwyPsPoozlcxkBltzqDcgOYqgc5.WS
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QmNewTzNdVSYy6oM9aMSUVtODG4GP8NKWlrlFtjUaiUqZJOSN5mu3A==

GET
H2 206 Be%20In%20The%20Know%20-%201000x150.mp4
go.recordedfuture.com/hubfs/video/ 320 KB
0 29ms
25ms Media
video/mp4 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Be%20In%20The%20Know%20-%201000x150.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 0a9a252b1c00000601a1bcb000000001
x-amz-meta-cache-tag: F-40645593741,FD-40644989410,P-252628,FLS-ALL
age: 1377234
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40645593741,FD-40644989410,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 2R4QXJYJ25C8AB5E
etag: "7e96f071cd2d83e5b7ed23b469d79a6e"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610488579540
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Fri, 11 Jun 2021 00:50:00 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-4182721/4182722
Content-Length: 4182722
x-amz-id-2: hb2t1C12vyM/sZO5tXF7vx4af5c7JWTXLJi5myedmpK7CkU39SaqlsRxyB7u16PdHRKohBYYyV8=
x-amz-meta-index-tag: all
last-modified: Tue, 12 Jan 2021 21:56:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Lm8Z2c8LFja097UOwLMGTERPDjr39DiVSRbD7PV6WhoU7rVSZvvhfIGEYPG4TuBjNAvXStLdAv6Z3oETaX6XdJKJNB24P39xSIp%2Fm0gMpwHH540vqS7ikrdCnKmYNWc%2FJgRkaEKx7gCWlbCkZiM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: csscr0TOmaPgfBrU9ZjgdZG283D4s.x.
cf-ray: 65d6d7be9bce0601-FRA
x-amz-cf-id: cX7mfLIKvrJf-8F2y6vnvKqWV-wvwAJ0UmNTrGk9AIlA5OoVokTUfw==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 17 KB
6 KB 47ms
46ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 22:58:04 GMT
content-encoding: gzip
age: 4499516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 19 Apr 2021 19:42:26 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1g7Hv6w3YDIKnLSLbX8uZi9cdYzVnmu5
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LSdV09oHNL_0XdG9yq50UahX_NGeKsstMOxgYeM5Gmy84sDumeh4yw==

GET
H2 200 34.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 6 KB
1 KB 47ms
46ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:45 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GojXQVrNiHbX0B3yzg6sYNjY3aFapEc5
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dzLP9T8AKQIZovO2oM7EdHikBkfDHuUglNud4OU8XNXg1z8HeNxpGg==

GET
H2 200 34.700544f5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 2 KB
2 KB 49ms
48ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.700544f5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4ac40e8488984ca7ab58f8571622f99b93053f9e1938aa3975492581139f7554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"f987ce7995df8a263e270c638998464e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W5zSgtooUdIbCzWsUbH.GlGYYepBs9Hi
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QLYhRc5fXnjs8sD5SHFl1TuZBNiN3gVMdsenK0KU4FZXYUF_Hp9-cQ==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 17 KB
6 KB 37ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 22:58:04 GMT
content-encoding: gzip
age: 4499516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 19 Apr 2021 19:42:26 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1g7Hv6w3YDIKnLSLbX8uZi9cdYzVnmu5
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wNyXChKHeWv3DkhaUWHaYerA4x1lbro4T60mlkC5MPm463YtByGDtw==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 68 KB
20 KB 37ms
35ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 10796852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mjk_bJFvGiOKD6I3T1gf23I-8x0nhs0P1mFHI9OJHh_8AUSmUKIzFg==

GET
H2 200 29.af23633f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 42 KB
12 KB 37ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.af23633f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7c59ba72953cc99b7cc6735de0285f154a29e30b5fd5d5b04d819ed22d21bc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:44 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:47 GMT
server: nginx
etag: W/"e44e4be66b3069982f14c73c09e21042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fotuwu4LjY0Fjw9Gx8sj1O0oPzVV4rN5
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XI12lq3f5wKL7imWfNh9Onjvb-bQ2_uRNuIjwtybWMoxFhZOJsCGAw==

GET
H2 200 2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame 06BC 2 KB
1 KB 37ms
35ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.9e348098.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:35 GMT
server: nginx
etag: W/"97eba23aec3d21fff25c5114b738526d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f02HYishlNLSDwS0nE7HKwJ_8CjegZxQuNTg5g7gH5bjL4aoQGjRSw==

GET
H2 200 2.7dac93f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 33 KB
11 KB 37ms
36ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.7dac93f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2779699f6d890e616827371ca7afbdab8368d10d26fcd4b6f975ff6a81856a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"d1b041e3d0df86618996b01e18aaa6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hJInc_qC_PhfLncMDCYsyLEfUSUKySCv
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 83um5qTFQcc7dxIK04LRLvVvsKrlCpkIrDlas0f2-DxdEZJ0ok5MEw==

GET
H2 200 28.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame 06BC 8 KB
2 KB 37ms
36ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.44736ae1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 18:22:23 GMT
content-encoding: gzip
age: 1319257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 17:36:25 GMT
server: nginx
etag: W/"8b77004f90a97a8796e83c50f9e084d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VTL7YzENnmWXyCBUsKQb8BXlyKIgAsgS
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RsaQ1Vvj1FRbXpHZy61MX_6DUu0roZqslbolsTXWl5diWBsbe6T5ww==

GET
H2 200 28.3ec6aa9f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 65 KB
19 KB 38ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.3ec6aa9f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0fb28048485ea376b73537d7230bff0be0400e034d1205cede8b84c2a28122bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"3b9d76d6b8e6cd93c2c25e13ace00bcb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vP2MLb3STKOkArDU8ShXNQz89K5e1fLi
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XUDw6n2ffG9aXLqS2wbmFMLin1h1oIewP0KtxdqtDUUwVDzZFUmhyw==

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 640 KB
0 25ms
24ms Media
video/mp4 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=327680-

Response headers

cf-request-id: 0a9a252b56000006018bb3a000000001
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 1379177
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 57Z0CXS092WQWW5Y
etag: "00a848b44bdd5610587cef8a45019e4e"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Fri, 11 Jun 2021 00:50:00 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 327680-4269036/4269037
Content-Length: 3941357
x-amz-id-2: T5G39U4gPxp71FLSbTkiy+kJFB+0KT7m9qyOZ9++sDSpjSxrzt3j104uE6XN7upP1eLvf/QSY1Q=
x-amz-meta-index-tag: all
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YqU0ED7CJpKAJrihatsVSRgpnp2fBk1bH%2BuKpCOGhfdOv%2F%2BWAZ0JN%2BNJ5zrlDCdZZBuxiCt00yIWJuk4JUXxUu%2B9Og%2F3yZj7Zbkt4QmNci5LJmkbCpRb%2Fi8YapbiPIEsvFmZLLCw1oY4of%2B71j8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
cf-ray: 65d6d7beec580601-FRA
x-amz-cf-id: RJ6Js6hTRGek8vcNSPOCq1is0FMY_8jEOQ60Br1OnX9ose5QHdZlLQ==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 68 KB
20 KB 40ms
40ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 10796852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RphSRrx6FihGMNUJdkPnJYmwwecpshODexiI1CEBC9rwpser5pnwFQ==

GET
H2 200 7.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 7 KB
2 KB 41ms
40ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qRE432HVQ7Y1w.s9lcCBDT5jZX9YXsTD
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6mTppNCcOM44cdmY13p27JRHv3ZD84cMqrIcHKw-oKF1rZyhLcf2ag==

GET
H2 200 7.d2b06f0f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 38 KB
13 KB 41ms
40ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.d2b06f0f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 3581757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"d22fa8dd9fdbdcdde74443bcd7a64fa3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xnIs15mgedQOb8VhFDNVv2E4rRhqKdBF
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EJ726bgtJs0z_xLVSTCH3X_ln8mTb9HYSldtLu90Lbt1tt_z2gyY6g==

GET
H2 200 5.39718cbd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 50 KB
14 KB 40ms
40ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.39718cbd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b05c21426d9a2999f3f7b48d494bc6dba7b4fba240d3eae1047c99116c075232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:07 GMT
server: nginx
etag: W/"22b4f20089aad6d0ac685e754c01e20c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .5a_QrgLkSUAEb_A2beueRCXQorNwT3X
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rACJH0K_TgbAj2KoDIMkcF55lP_N9mtWrQ3zwRLVFLLIUf3AUPqT0Q==

GET
H2 200 2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 2 KB
1 KB 40ms
40ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.9e348098.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:35 GMT
server: nginx
etag: W/"97eba23aec3d21fff25c5114b738526d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YO-m8o3f1rvHNdkEoB9OKt9wMG0jQ532p5KIn5s9EP21qXX9RMfLAg==

GET
H2 200 2.7dac93f0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 33 KB
11 KB 42ms
42ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.7dac93f0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2779699f6d890e616827371ca7afbdab8368d10d26fcd4b6f975ff6a81856a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"d1b041e3d0df86618996b01e18aaa6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hJInc_qC_PhfLncMDCYsyLEfUSUKySCv
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jBu2AufHhULRNAsMPSLHW7_WWKtBfjbsY9_cvp6XtTw0g02uYTE7Mw==

GET
H2 200 8.095c1bdd.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 11 KB
3 KB 42ms
42ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.095c1bdd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7c7de094077ca042a6043ba4f991d61f8c23718d9431f1c5f59341293b368f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:25:57 GMT
server: nginx
etag: W/"234bd0a4c41e2519e5ca8630aa478e83"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 503SkCtCybYikCzlhcj4icSZpN2cEB5I
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NL-Karf-GrRh1M7kPCMpWFq9nBovFmvr5gyCw3EW6K9pFJLx2OaSog==

GET
H2 200 8.72decc61.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 16 KB
6 KB 42ms
42ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.72decc61.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

106fa16009dcc0fcec76154afef33c71f3280adee2878dbe37ac95087232abc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:07 GMT
server: nginx
etag: W/"9775575a939bddf71f29150e32e26237"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dlIKrW34ZoBJaNrQMVyEbRrqQ5KTa05a
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PuBDGogg8A4ApNL4j2yY_N1xXWYZ2LsSjejvbp0_ATmDgUofZWnmfA==

GET
H2 200 6.be43392b.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 6 KB
2 KB 42ms
42ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/6.be43392b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e12f41f00e2ee8a10327a832e9f228d9a21e346f300eb483233171c5d86ecb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:42:07 GMT
content-encoding: gzip
age: 637673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 13:26:36 GMT
server: nginx
etag: W/"3474c814e1241a585ba13f3170881693"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MTrFIW.ZdI7k.J4AhyAYsKB6_1Zaxw6x
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gi4KihmhIt-xfHojiqVKQnP1rotQKsZZvsDygsrmN_cCoiSSyaSx-Q==

GET
H2 200 6.bf75f137.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 14 KB
6 KB 42ms
42ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/6.bf75f137.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cdaf9710ff27931eb0f8f8b8e8df97faf4a7791725ef647de6585bbfc8f5909d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 14:45:33 GMT
content-encoding: gzip
age: 727467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2021 14:32:02 GMT
server: nginx
etag: W/"4afd68421c4dd4e8c9e7706d38352647"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DPu3gmtUmOj1zuxNCpfvthFRBe_6gzCH
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lCB9jgNbFUzlqQ0q0B5i-OwArOq_3nHTycQVTK4W5rrNi1CaDIEr2w==

GET
H2 200 3.11b2228d.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 34 KB
6 KB 42ms
42ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.11b2228d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

55181dcd33131a6768d7652b57b7f1d413464c75114870f7cfc8052e13422ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:50:37 GMT
content-encoding: gzip
age: 284363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 17:30:30 GMT
server: nginx
etag: W/"df5c5c7e94de085cd7399eb1c76696ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: THj3frSmZKXnPwQbFfs464BQ2DjnNmwc
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q8CZQY9_z7eG-kTll4_9MosF5S_Zda9ldmogDllnIyp67RFyx9136w==

GET
H2 200 3.56470b3e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 66 KB
20 KB 42ms
41ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.56470b3e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fcaebfb105e7cd869d5e0bb4ebdfa85a579b6f1541d55ad6725cf4e8ec4c9f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"347bd87d8b91945c3533709a8861037b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P.1BwtdaB29MqKJhIw6iy7HO5ZQgP0w8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YQVkac8G57BNNgH48kKvboiG_1I3jlDKamYoCNXULEyMrx4bi-atAg==

GET
H2 200 4.0e648f3b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 17 KB
7 KB 43ms
41ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.0e648f3b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

87dbdfe00579c4809d1844b4628ba7a4de43b831509af629d718016f697a3526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:07 GMT
server: nginx
etag: W/"2caee83d6afc4ce55ab782fa24e19003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MWiUOKQJ3coIJLYaHCuO0Z78IKusdQtD
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fQGtL7jQ0ncnh-u1itqLkj-el_vrtuM10CarAIqpmmRUPK4QRgHJqw==

GET
H2 200 26.cbeac9c0.chunk.css
js.driftt.com/core/assets/css/ Frame A1D8 15 KB
3 KB 43ms
41ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.cbeac9c0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

38fe61c974c3fa45b7a3c85975bb1bea318308957c2329f6c932623acff155b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:04 GMT
server: nginx
etag: W/"ebfbb9df704776942182975f5f6547a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: d0D3QA8B0iNoBshvSItbSHQnueHz0RzJ
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y7QUKMTLbsWKIbcUCSdIt1pT9oRkK5wrPMk4PrQuj041fBqhkZrXcA==

GET
H2 200 26.60619e31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 21 KB
7 KB 43ms
41ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.60619e31.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f84aabf8f80ac7bafc223e82ec5bfb910d174e8e03995080536a10b50a1b56ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 18:11:35 GMT
content-encoding: gzip
age: 23905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 10 Jun 2021 15:41:06 GMT
server: nginx
etag: W/"a07681bb4caa13ff910bb6c4bb8545e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Gmbhn1LtA4gRgxJGcui2HTER3cqdSOkU
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9Nz8cxTwEO8KOlPTB2r2fQIyFGJ_AZ9uknwTeJcu9GmKhWr6p1LmIg==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 351ms
118ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift5d5359e40ffb52300e6f9740641
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 06BC 25 B
123 B 130ms
129ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
server: istio-envoy
requestid: d00524fd5a9a74a6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 mp5rtwcnz2nd.json Show response
embeds.driftcdn.com/embeds/ Frame 06BC 38 KB
11 KB 494ms
434ms XHR
application/json 13.32.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/mp5rtwcnz2nd.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a2b554f4c17529729b9c3884333d1ef5138ccf6af80e6360f89036f63864f44

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 09 Jun 2021 16:42:09 GMT
server: AmazonS3
etag: W/"f5342939929b4283ec5d7c4db5a060ef"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 5d650f4d20204610aaf075ff8f6494c7.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: u6jfI7snSVBOpqxk7QYz0tuKK-9JSzxnC3l9GYGdKZKIdPGpl-dpYA==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 06BC 4 KB
643 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.7dac93f0.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 23:21:34 GMT
server: ESF
date: Fri, 11 Jun 2021 00:50:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:50:00 GMT

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 128 KB
0 30ms
30ms Media
video/mp4 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=983040-

Response headers

cf-request-id: 0a9a252bb600000601538e9000000001
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 1379177
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 57Z0CXS092WQWW5Y
etag: "00a848b44bdd5610587cef8a45019e4e"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Fri, 11 Jun 2021 00:50:00 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 983040-4269036/4269037
Content-Length: 3285997
x-amz-id-2: T5G39U4gPxp71FLSbTkiy+kJFB+0KT7m9qyOZ9++sDSpjSxrzt3j104uE6XN7upP1eLvf/QSY1Q=
x-amz-meta-index-tag: all
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RpTXALQ4HMujDtkdInqQLu29gtV2uLZVFz8h3iGxyoz%2FWZAQ4qOs4ELFTWbMkDfHcptfaqrSuocwKTaYIjnfWMIRD5cbPsiPpA%2FPqnyiYefUNinX077DUWy%2BZ%2FIRUHLaI4aN0JFtPFIKvxCbPRs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
cf-ray: 65d6d7bf8d3e0601-FRA
x-amz-cf-id: RJ6Js6hTRGek8vcNSPOCq1is0FMY_8jEOQ60Br1OnX9ose5QHdZlLQ==

GET
H2 206 Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
go.recordedfuture.com/hubfs/video/ 128 KB
0 30ms
30ms Media
video/mp4 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/hubfs/video/Download%20Our%20Free%20Browser%20Extension%20-%20350x300.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1114112-

Response headers

cf-request-id: 0a9a252bd7000006018f36e000000001
x-amz-meta-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
age: 1379177
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40627856511,FD-40644989410,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 57Z0CXS092WQWW5Y
etag: "00a848b44bdd5610587cef8a45019e4e"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1610485568833
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Fri, 11 Jun 2021 00:50:00 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 1114112-4269036/4269037
Content-Length: 3154925
x-amz-id-2: T5G39U4gPxp71FLSbTkiy+kJFB+0KT7m9qyOZ9++sDSpjSxrzt3j104uE6XN7upP1eLvf/QSY1Q=
x-amz-meta-index-tag: all
last-modified: Tue, 12 Jan 2021 21:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yx9TT9bcXnH%2F%2FVyCoZHevpDiBfiwYkhVKSU0vOgvK3rDjidGlHgB58OTxSdGTOp%2BAaM4CMfSZxL7kxyBZsfocAkbTa4sw%2FUVZCjX5ce7ItspxF2tLKzhl74lS56DLv02NM51axCxXjLCSkMtb54%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 79LGqSd8FimGTolASEfBxka7OKPTvU04
cf-ray: 65d6d7bfbd820601-FRA
x-amz-cf-id: RJ6Js6hTRGek8vcNSPOCq1is0FMY_8jEOQ60Br1OnX9ose5QHdZlLQ==

POST
H2 200 services Show response
sumo.com/ 88 KB
10 KB 220ms
219ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

18869c1519fa91f08431642cbbd824be5bacb0bf7bff510363d09de4c3b8a70d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: iZEJXtZN4GMOlh43KAm5PGH9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 184ms
184ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Fri, 11 Jun 2021 00:50:00 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 195ms
194ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A49%3A59%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:00 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 utk Show response
customer.api.drift.com/integrations/hubspot/ Frame 06BC 2 B
63 B 179ms
179ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
server: istio-envoy
requestid: b9e239fa8e03384
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 66
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 utk
customer.api.drift.com/integrations/hubspot/ Frame 0
0 120ms
113ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftde47e2a4c84814e8fc9d5a91052
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
33 KB 21ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: JMNTC7DP6JXXD2Y7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:49
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: AslDIzkj4lLm+CaldeS4AonP3TvltvwQkaEqTW9C0K+M/dFOmHLiJqmJQK7tameWUswRwO2ODcU=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:09 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ed5ea54894350b7bb8a9de9d04a76a0e
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 21ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: KEG5W5PMZ0AZ1XZY
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:13:03
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ZnfdWPoCAsRHBRVozFW7nkarhjldjtYYmX1nzemPtvIc6vkFYKPm6/tGFTsmrqB50gUe8oUoDjQ=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:44 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: dc66db98093bbc9f5e703fad299fc3eb
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 4V6M4VSR7Y8PYAD1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:05:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: RU0v+rIrQnBSy2upSpMNvqUPfF23uw8nU5SlsEEP7TCK7QsD9j0tSTQWVeJ7SY6z1ZrqfdvrdBk=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:28 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 14e25f7df8d73aec03c0186cbf45e3da
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 22ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: ACVKWQP2AFD19PG3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:31:44
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: y9yW5E+cFizviMhZUgYaScwOgW6lQRgFqdOXcvAbgUDiWBNgdlcoAQhkviAa3sNjJHZUNVnep4w=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:14 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 8b8b2dfcd4a2d1ea364e4434bea7ca5c
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
24 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: DZTTPF09J4XRCCSS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:51
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: w3kHednAZpnjZG/btdNCJEhJBQfIDdkzjKpPKwHlopbDVgTTlzy+2qEvk9UMWSlrqJOine16/+k=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:30 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2bd844cef2fabe3066cc5c16c0428660
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
93 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: MNVQJCAMXR7DX167
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:10:13
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: kSQ0YRFO04uujkKPjCwRe2QgATeX2D3biRYe4lj0Zl5qEX1fvGmW/WEcV7IUu7Bx9FlBBQ/Jn3M=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:30 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: a50d4048128ed4fa0efb4bdd11c1ecee
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: JMNP94RPA0JTGXX9
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:49
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: YrsyjNF9mcrFJmZ0zOsRVFwd5Bnp/bpWXx+LiMY/BPqdCs6xWA3Utpxyw8ocdcQG5XVo82qUVBE=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:29 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: fa214f81b099398064bd1013f2104834
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 64.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
1 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: B817XFWQZC906PJC
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: UYLGFWfMXlZMQS22ucK/fr2LKusEizdECOHUVkFiClOID2LgdVAnwzSo7bVbH7dzXGteVdkQ4LI=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:05 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6d7067a0f2deccd9616fcfb9f9a21602
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 23ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: ZVDWHF7A1EF5Q4BS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:31:41
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: XcfKPPsOE4IIFumnIgMSvP3BirYoZzKhgC8CuLD6TmfEJoWrvHxchyZwSDnbWmIG/nnRdMNGbbk=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:13 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: a26212660c81029c41d50a531b08fd12
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 1.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
2 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 66T1VTFBD9GC0RTY
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 18:55:14
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vpz2gfsAUwXGAMjQxHfQfIgPNGzrEVbkA1Fhuzzlg1G7DFSZfrCaylNGy6yh2Hb/nzd40nv2D2A=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:13 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 100c77f70bed9a124c8b044e587d939f
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 3.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
2 KB 38ms
37ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 4FEDK6AX243AQ8JT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 18:38:17
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: GX8e2hcWaC1SAWZjvSYG1SCZDogQBfZ4TXm06gu443Am3ghZVt4oR6zmX6Au+8hWbmjH2GVPnSc=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:36 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c0af66d707b38fa995113bd66840c122
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 11.0a035390359aab65eb82.js Show response
load.sumo.com/ 438 KB
128 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: BZRQ2VSJ9SM3AC3Z
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 17:59:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 9gCInsQ4cbaBZ0EjfI0NgoO0pzqktRgoYff7flOnd0BHFaYRVKfEW6Iqbhq/LHxhR9gXcm9S23g=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:20 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4a555fa665e05ad398485b1a7b6b80f9
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 15.0a035390359aab65eb82.js Show response
load.sumo.com/ 711 KB
52 KB 25ms
24ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: KHDQ9DNJ9EYVRYRM
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:09:25
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: JfvHvXYhofUKv9VH/VmGyQCQijYYWVODy6699f94AeMSLies+TDafO2OLf4L8Dz7b0SKQD8hRsc=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:30:23 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 478afc788a3338b15bf652102f7fdefc
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
77 KB 21ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: KBCVDR44F94RVKBF
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:01
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: BJuIE34V5mYXHyKybuNFMvXe95W+VlA/sc5+sTCiWlZ9tCvnVhStC4vL5UlZYt8mGoSNSrXtMFo=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:30 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e643d684705d50a774c222fff2437303
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
917 B 21ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Schleiz, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:00 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: ERTG72PGA3G7JTN8
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-08 19:33:50
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 2AkcGDm11NPkdWgL0HTtJ2Nf77powMcodu5Y3Uefvq8XBzV25VjQGXPtqAV/5Xq6g8H4g3PF+bA=
access-control-allow-origin: *
last-modified: Fri, 28 May 2021 14:31:30 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 680bebab27e51a48d5b524c14785c06c
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3-29 200 css
fonts.googleapis.com/ 20 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 23:21:28 GMT
server: ESF
date: Fri, 11 Jun 2021 00:50:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:50:01 GMT

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 06BC 5 KB
2 KB 512ms
503ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

754c1c080e1dde164595239d1d6f8ee12b1f02f762ebe3c1ec2ce8fa115db213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: gzip
server: istio-envoy
requestid: 6a84b19397e09e4e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 390
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2122
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 188ms
188ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Fri, 11 Jun 2021 00:50:01 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 203ms
203ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Sumo-Auth: iZEJXtZN4GMOlh43KAm5PGH9

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 203ms
202ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Sumo-Auth: iZEJXtZN4GMOlh43KAm5PGH9

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ 3 KB
1 KB 202ms
202ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Sumo-Auth: iZEJXtZN4GMOlh43KAm5PGH9

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
etag: "-1529360806"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 188ms
188ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Fri, 11 Jun 2021 00:50:01 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

OPTIONS
H2 204 features
sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/ Frame 0
0 188ms
188ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c/features?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Fri, 11 Jun 2021 00:50:01 GMT
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H3-29 200 css
fonts.googleapis.com/ 20 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 23:19:22 GMT
server: ESF
date: Fri, 11 Jun 2021 00:50:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:50:01 GMT

OPTIONS
H2 404 rpc
clients6.google.com/ Frame 0
0 26ms
5ms Preflight
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol: H2
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.recordedfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET
H2 200 / Show response
graph.facebook.com/ 251 B
655 B 56ms
42ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&callback=jQuery110207283337143275765_1623372598766&_=1623372598767

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc07e42a852892e9780c67b61ac12f7ae74c5c34e9c6541be82c86696869fff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003946478
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 190
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ls9310JMuvsoz98XBraOSkvxLpZF3YO3zLQdU/RJotrddCVrmC2f9cPmBdY6q2HKichcNXkXQRPoB5MHDK4VFg==
x-fb-trace-id: BWEVV3Xybrf
date: Fri, 11 Jun 2021 00:50:01 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: Aj5bPYi1GA0EAB8l0p-RmDE
cache-control: no-store
facebook-api-version: v3.3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 430 B
631 B 52ms
39ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F&format=json&callback=jQuery110207283337143275765_1623372598768&_=1623372598769

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16fa2e48d94f6ecdcdd391dd07e38e7b24b3677a755458a37e9529be9e96d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: CAWB+0NyR/2FVODXGdZ3zuRBKg5ki9/7Aw3RIIXEq/xPJHMd1D+Quu7ELnRyHKHHgQkPCBKRCwe35GKFraeoDg==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: H3MkRqCcU4g
date: Fri, 11 Jun 2021 00:50:01 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AVp04eq1-klalVkkRRFL8rN
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1003946478
facebook-api-version: v3.3
content-length: 265
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 252ms
251ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A00%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:01 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 579ms
190ms Image
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38&shortcut_id=&visitor_id=a54864c01a90000bcdf71ae46fb1d771c4764acce99cea847e7ffea74b7f39b9&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ref=&cache=0.34877186252304937

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
vary: Accept-Encoding
server: nginx/1.18.0
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
151 B 577ms
189ms Image
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.fa5554b80632a3fcab4d3cbdeaf9e76f129a718c7eae1330727e19eb9cdfcea5&shortcut_id=&visitor_id=a54864c01a90000bcdf71ae46fb1d771c4764acce99cea847e7ffea74b7f39b9&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ref=&cache=0.5402529894186139

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
vary: Accept-Encoding
server: nginx/1.18.0
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 580ms
192ms Image
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.22209524b0515a91def4fb7a305b566298f654b2c285faef86db943f543f98d6&shortcut_id=&visitor_id=a54864c01a90000bcdf71ae46fb1d771c4764acce99cea847e7ffea74b7f39b9&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ref=&cache=0.1680030785597606

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
vary: Accept-Encoding
server: nginx/1.18.0
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
H2 200 /
sumo.com/api/event/ 2 B
150 B 581ms
193ms Image
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumo.com/api/event/?site_id=2133ca9a16479c4dd1535bd17a570d58daffb34f52c68550c9ac43651c6e101c&app_id=156085c5-0017-4150-b225-a731ad248f38.fa5554b80632a3fcab4d3cbdeaf9e76f129a718c7eae1330727e19eb9cdfcea5.22209524b0515a91def4fb7a305b566298f654b2c285faef86db943f543f98d6&shortcut_id=&visitor_id=a54864c01a90000bcdf71ae46fb1d771c4764acce99cea847e7ffea74b7f39b9&event=popup&href=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ref=&cache=0.6323615315743059

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
vary: Accept-Encoding
server: nginx/1.18.0
etag: "-684271315"
x-frame-options: SAMEORIGIN
content-type: text/plain
x-robots-tag: noindex, nofollow
content-length: 2

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/ 586 B
1 KB 82ms
22ms Image
image/svg+xml 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: br
cdn-edgestorageid: 632
x-amz-request-id: MT6M19VQ877SD30M
cdn-cachedat: 2021-06-08 21:34:50
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: F/DL3EJsxslxMUo0ziUbQndMgN/kEzfcDx5Cx0vTkuzYQG/yan1dLClOPq+NW/5LSUD6f4WE5i4=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 45de53838425256985889711373e867a
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88 Show response
media.sumo.com/ 586 B
1 KB 83ms
22ms XHR
image/svg+xml 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: br
cdn-edgestorageid: 632
x-amz-request-id: MT6M19VQ877SD30M
cdn-cachedat: 2021-06-08 21:34:50
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: F/DL3EJsxslxMUo0ziUbQndMgN/kEzfcDx5Cx0vTkuzYQG/yan1dLClOPq+NW/5LSUD6f4WE5i4=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 6814b2cb4f85eb24454f1eead125ab2f
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/ 586 B
1 KB 70ms
21ms Image
image/svg+xml 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-encoding: br
cdn-edgestorageid: 632
x-amz-request-id: MT6M19VQ877SD30M
cdn-cachedat: 2021-06-08 21:34:50
cdn-pullzone: 50990
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: F/DL3EJsxslxMUo0ziUbQndMgN/kEzfcDx5Cx0vTkuzYQG/yan1dLClOPq+NW/5LSUD6f4WE5i4=
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2016 16:48:17 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: eaea0b9f3d93e43cd8e166aa120bb381
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 mp5rtwcnz2nd Show response
targeting.api.drift.com/hours/availability/combined/ Frame 06BC 61 B
125 B 201ms
201ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/mp5rtwcnz2nd

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ab566c27ae4e35a42e84c329e8f3b82b69dfdee38826b39d684ad89195b73c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
server: istio-envoy
requestid: eb0a3fef10b7d7af
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 86
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 61
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 mp5rtwcnz2nd
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 116ms
114ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/mp5rtwcnz2nd

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift1a83af14d9594ab672d9559370d
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame 06BC 812 B
1 KB 1450ms
1449ms XHR
application/json 52.2.107.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.107.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-107-241.compute-1.amazonaws.com

Software

Resource Hash

5437755b9195a825a0d739801c2067261aa661c6a74c9ef9adfe79669ce8ae2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:03 GMT
requestid: 599eef419c82a9eb
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 812

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 365ms
117ms Preflight
text/plain 52.2.107.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

52.2.107.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-107-241.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:01 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftbd462e743f385f35205bdd5ddc7

GET
H2 200 47.d1ec1cad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 06BC 17 KB
6 KB 20ms
20ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.d1ec1cad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=mp5rtwcnz2nd&forceShow=false&skipCampaigns=false&sessionId=12ab6630-7a38-4b03-b619-c6dce403a75a&sessionStarted=1623372599&campaignRefreshToken=2659a1b8-dc80-4d1d-9963-6022fd45515e&hideController=false&pageLoadStartTime=1623372598217&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:45 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"df31a79a2de4ba62caa657c97430e66a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DMAn20D8bvI5mDi60vBr03OzyuS1ohG6
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vMh0qvnzV7WEqLFFFDkO71B4mlZ6FDx1Cial3m6q9klp-dQuzuIL8Q==

GET
H2 200 47.d1ec1cad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A1D8 17 KB
6 KB 20ms
20ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.d1ec1cad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f8467414.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:49:45 GMT
content-encoding: gzip
age: 2091616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:05:48 GMT
server: nginx
etag: W/"df31a79a2de4ba62caa657c97430e66a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DMAn20D8bvI5mDi60vBr03OzyuS1ohG6
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9766jVtUB-aGIqAU5GRd3ArqGX28G6Yk4KK_Ri0k-Q2EqtdRKGv6fw==

GET
H3-29 200 css
fonts.googleapis.com/ Frame A1D8 4 KB
643 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.7dac93f0.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 23:16:34 GMT
server: ESF
date: Fri, 11 Jun 2021 00:50:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 00:50:01 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame A1D8 14 KB
14 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:14:26 GMT
x-content-type-options: nosniff
age: 214535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:14:26 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame A1D8 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:24:48 GMT
x-content-type-options: nosniff
age: 221113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:24:48 GMT

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 06BC 1 KB
633 B 116ms
115ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

2a1d5c1aa6ec17832833ddfb2a7dd87ef36f65856c8b99dbd35d7bb95927e224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
content-encoding: gzip
server: istio-envoy
requestid: 6a54b2e653d7b57c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 572
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 115ms
114ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift5c7c0e74c2fa119c8f45495e2ba
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 06BC 25 B
88 B 133ms
133ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
server: istio-envoy
requestid: f7a142a92619ba49
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 115ms
114ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftca2117e4e5eadc9fbb34dda9ef1
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 render_initial Show response
flow.api.drift.com/flows/ Frame 06BC 3 KB
2 KB 150ms
150ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

08a6d054c636dfb611625e0b9d0294f96a0324bac3e5c08eb08e8469bd7bcc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
content-encoding: gzip
server: istio-envoy
requestid: b3aaea9a8338de73
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 36
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1870
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 render_initial
flow.api.drift.com/flows/ Frame 0
0 116ms
114ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift2ff9e7b40018cb6263de91983c3
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 06BC 0
38 B 128ms
128ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
server: istio-envoy
requestid: eeade9b5163fdca9
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 115ms
114ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftbe315b14bad81d7919053a8ac66
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1950693%252Fd0879b0f2c504b554f8ea197b974ecefsb9tyat8hevw%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame 06BC 6 KB
6 KB 22ms
6ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1950693%252Fd0879b0f2c504b554f8ea197b974ecefsb9tyat8hevw%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D3a776653323d191bcf554cbc0e7847b8?fit=max&fm=png&h=200&w=200&s=a218ba54ec221d5779d845a176019b93

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4d13c7d915221b9f41941a80ff5bb35defc9e2733c2e9d651f14e68e469fa2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:50:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 16:39:33 GMT
server: imgix
age: 115830
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 6c65adbc99eb2b74c66a65173f833970cdf6720c
accept-ranges: bytes
content-length: 6283
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10051-SJC, cache-fra19177-FRA

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 06BC 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:14:26 GMT
x-content-type-options: nosniff
age: 214536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:14:26 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1845482640&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%201658022&_utma=93161374.223659066.1623372599.1623372599.1623372599.1&_utmz=93161374.1623372599.1.1.utmcsr%3Dhs_email%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%7Cutmcct%3D133017140&_utmht=1623372602534&_u=aHDCAUADQAAAAC~&jid=&gjid=&cid=223659066.1623372599&tid=UA-9153858-2&_gid=681406177.1623372599&gtm=2ou690&z=995228479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 21:45:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11090
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A01%20GMT%22%2C%22timeSpent%22%3A%221010%22%2C%22totalTimeSpent%22%3A%224017%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:02 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 4.7e67eece.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
821 B 21ms
21ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/4.7e67eece.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1623372600000/mp5rtwcnz2nd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 14:41:19 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 6948523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 158
last-modified: Mon, 22 Mar 2021 14:08:22 GMT
server: nginx
etag: "807a90e9d6c19e174f5905b1d130989a"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2OKAPOEBwmfC7ciZWi3f2oC9TZifZTh1
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D2O5Eb0NervQ0EQXoervx82rx3CDkC3yaQEz0aEsIZbinVMbY6s-6A==

GET
H2 206 notification.d46d7db1.mp3
js.driftt.com/conductor/assets/media/ 20 KB
21 KB 21ms
21ms Media
audio/mpeg 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 11 Mar 2021 22:01:41 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
age: 7872501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-20896/20897
Content-Length: 20897
last-modified: Thu, 11 Mar 2021 21:29:39 GMT
server: nginx
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Qw4ohBG6iBhPX0HyTJ2OV8nxTFBd8zR_
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: audio/mpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mUv7ikOGL8AowCAHlL3Ws2zdZ6mJHzz2Du6JWZ8zt402f0iRWO61VQ==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 201ms
200ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A02%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225018%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:03 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
195ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=64bb10022140000036b3c260a001000073952100&session=609fce58-c73d-479e-8242-c7dfd4351f10&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A03%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%226022%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:04 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 06BC 25 B
83 B 114ms
114ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.1d3e72f0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5OTUzMzQ2MjY5IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTM4MTE5MyIsImV4cCI6MTY1NDkwODYwMSwiaWF0IjoxNjIzMzcyNjAxfQ.YA1VGvAfmQnd5MeSkBUR_H8jB20veTXCbk2NwqaOTKLxPghvNVZJtqeDdg-4-nb06cs9BpL1ENNSm6ZnImHrPg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 00:50:05 GMT
server: istio-envoy
requestid: 2e096e6a87d3ea5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 115ms
115ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 00:50:05 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift1010ecf4aeaa4156b33fd5f34a0
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 195ms
195ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=33c3ba77-c6ba-4cca-84e7-b6447dcec7d3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A04%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227023%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:05 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=096de7eb-6280-461f-87f7-0ff232fd98c9&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A05%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228024%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:06 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 200ms
199ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=096de7eb-6280-461f-87f7-0ff232fd98c9&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A06%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229025%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:07 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 229ms
229ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=096de7eb-6280-461f-87f7-0ff232fd98c9&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A07%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%2210026%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:08 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK da2b64f2d4 Show response
bam.nr-data.net/events/1/ 24 B
189 B 129ms
129ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/da2b64f2d4?a=155511080&v=1209.f04e2b9&to=ZVxUY0UAD0AEAENQClwWd1RDCA5dShBeVwJeXA%3D%3D&rst=13234&ck=1&ref=https://www.recordedfuture.com/darkside-colonial-pipeline-breach/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.recordedfuture.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 197ms
197ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=096de7eb-6280-461f-87f7-0ff232fd98c9&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2011%20Jun%202021%2000%3A50%3A08%20GMT%22%2C%22timeSpent%22%3A%223001%22%2C%22totalTimeSpent%22%3A%2213027%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20DarkSide%20ransomware%20group%20has%20made%20the%20news%20in%202021%20due%20to%20its%20high-value%20targets%20such%20as%20the%20Colonial%20Pipeline%20and%20high%20ransom%20amounts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Who%20is%20Darkside%E2%80%94The%20Group%20Behind%20the%20Colonial%20Pipeline%20Breach%3F%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Fdarkside-colonial-pipeline-breach%2F%3Futm_medium%3Demail%26_hsmi%3D133017140%26_hsenc%3Dp2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ%26utm_content%3D133017140%26utm_source%3Dhs_email&pageViewId=b07c262f-0b2c-42c3-8286-e2e2ec77ba83

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 00:50:11 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.recordedfuture.com/	1970-01-19 18:56:14	Name: __hssc Value: 57501621.1.1623372599793
.recordedfuture.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.recordedfuture.com/	1970-01-20 04:17:48	Name: hubspotutk Value: b7289097c5e628e0b34b92bfcd48013f
.recordedfuture.com/	1970-01-20 04:17:48	Name: __hstc Value: 57501621.b7289097c5e628e0b34b92bfcd48013f.1623372599792.1623372599792.1623372599792.1
.recordedfuture.com/	1970-01-19 18:56:12	Name: _gat_gtag_UA_9153858_2 Value: 1
.recordedfuture.com/	1970-01-19 18:56:14	Name: __utmb Value: 93161374.1.10.1623372599
.recordedfuture.com/	1970-01-19 18:56:13	Name: __utmt_sfga Value: 1
www.recordedfuture.com/	1970-01-19 18:56:14	Name: drift_campaign_refresh Value: 2659a1b8-dc80-4d1d-9963-6022fd45515e
.recordedfuture.com/	1970-01-19 23:19:00	Name: __utmz Value: 93161374.1623372599.1.1.utmcsr=hs_email\|utmccn=(not%20set)\|utmcmd=email\|utmcct=133017140
.recordedfuture.com/	1969-12-31 23:59:59	Name: __utmc Value: 93161374
www.recordedfuture.com/	1970-01-19 18:56:26	Name: _gd_session Value: 609fce58-c73d-479e-8242-c7dfd4351f10
.recordedfuture.com/	1970-01-20 12:27:24	Name: _ga Value: GA1.2.223659066.1623372599
.recordedfuture.com/	1970-01-19 23:19:00	Name: _pk_ref.1.e343 Value: %5B%22hs_email%22%2C%22%22%2C1623372599%2C%22%22%5D
.recordedfuture.com/	1970-01-19 18:56:12	Name: _gat_UA-9153858-2 Value: 1
.recordedfuture.com/	1970-01-19 21:05:48	Name: _fbp Value: fb.1.1623372598660.1164625877
www.recordedfuture.com/	1970-01-20 12:27:24	Name: _gd_visitor Value: 235f8034-1cbc-465b-8918-770bb5564442
.recordedfuture.com/	1970-01-19 18:56:14	Name: _pk_ses.1.e343 Value: 1
.recordedfuture.com/	1970-01-20 12:27:24	Name: __utma Value: 93161374.223659066.1623372599.1623372599.1623372599.1
.recordedfuture.com/	1970-01-19 18:57:38	Name: _gid Value: GA1.2.681406177.1623372599
.recordedfuture.com/	1970-01-20 04:22:07	Name: _pk_id.1.e343 Value: ff1f194a97111a06.1623372599.
www.recordedfuture.com/	1970-01-20 12:27:24	Name: _gd_svisitor Value: 64bb10022140000036b3c260a001000073952100
www.recordedfuture.com/darkside-colonial-pipeline-breach	1970-01-19 19:39:24	Name: __smVID Value: a54864c01a90000bcdf71ae46fb1d771c4764acce99cea847e7ffea74b7f39b9

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VVVHpF6N3qMRW6Y7n2268G12CVNrtzX4sGtZ8N80643c3lGn5V1-WJV7CgCSmW3161qm1RT-skW74HRjq448894W2yTscv8TSX0gW7jQv9Q5Wtzg3W7tpW4-15pd2GW8-L_jQ426d99W6y45X-3Fc0f7W4kG_Xr7qHV8gW6thBM_8YmD14W58Yx018r9Lb-W8MjRST7jFTk9W1Tq52W21R9WWW3bXZ178lXYQCW1p71MG3hWjD1W2hTHX27Vc4ZLW1NH_6s6slQx_VKqqxv64bkDPW1Ns4Pp84-gdMW4hTr0p8j4yMtW64sKZC220VLGW2mP11p4CkmmKW6R53Ng7J8QJlW8-qPWN1c4JDcW7VPDbD5fw1wY3dRg1(Line 13) Message: toS
console-api	log	URL: https://www.recordedfuture.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 194163687656043.
console-api	log	URL: https://www.recordedfuture.com/darkside-colonial-pipeline-breach/?utm_medium=email&_hsmi=133017140&_hsenc=p2ANqtz-_wqiT6p6QASmwWgSsJJBcaQAxUWkslwaiTsR0W0-VOKeOYRcW8LChpzMPdOee2K5esZykCQGxw1hLLokK-n2Ydj7LDkQ&utm_content=133017140&utm_source=hs_email(Line 778) Message: Tracking twitter
console-api	log	URL: https://load.sumo.com/73.0a035390359aab65eb82.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.0a035390359aab65eb82.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.0a035390359aab65eb82.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.0a035390359aab65eb82.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.0a035390359aab65eb82.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.0a035390359aab65eb82.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.0a035390359aab65eb82.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.0a035390359aab65eb82.js(Line 1) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.facebook.com
api.ipify.org
b.6sc.co
bam.nr-data.net
bootstrap.api.drift.com
c.6sc.co
cdn.materialdesignicons.com
cdn.matomo.cloud
cdnjs.cloudflare.com
clients6.google.com
connect.facebook.net
cta-service-cms2.hubspot.com
customer.api.drift.com
driftt.imgix.net
embeds.driftcdn.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
graph.facebook.com
j.6sc.co
js-agent.newrelic.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscta.net
kenwheeler.github.io
load.sumo.com
media.sumo.com
metrics.api.drift.com
no-cache.hubspot.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
recordedfuture.matomo.cloud
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
sumo.com
t.co
targeting.api.drift.com
track.hubspot.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.recordedfuture.com
clients6.google.com
104.111.233.140
104.18.13.124
104.244.42.197
104.244.42.67
108.174.10.14
13.32.2.13
142.250.185.98
143.204.98.70
151.101.12.157
151.101.14.110
162.247.242.20
185.199.111.153
185.59.220.193
185.59.220.194
2600:9000:211a:fa00:c:7d55:b3c0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2c40::c73c:6702
2606:4700::6810:125e
2606:4700::6810:7daf
2606:4700::6811:44b0
2606:4700::6811:d5cc
2606:4700::6811:dfcc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:801::2008
2a00:1450:4001:803::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9b
2a02:26f0:6c00:2b0::25ea
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::720
50.16.226.23
50.16.7.188
52.2.107.241
52.34.133.113
52.59.167.155
62.113.194.12
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05d91f851a25aaf50298c4e8fe0d4b6e9de001112170c3bb0bb48367f451a515
08a6d054c636dfb611625e0b9d0294f96a0324bac3e5c08eb08e8469bd7bcc51
0940efb55fa2f1deb76f9261931ac680e0fc2429e1073e2bafaadc7a32bab6d5
0bc5a66e21f8648156fcbc214136ac5ff60d0adc8c9e438a2b769a83f5075d7a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cfc04a7b9b3897c3dc90a86a832c2b254bd6efe7afadcd047dd5665acb3a57c
0fb28048485ea376b73537d7230bff0be0400e034d1205cede8b84c2a28122bb
1026d9fb308f7ae9af4b10ee43618382be1a6313656b395da90681d6a10b1988
106a6f15d7a3e5d58d45ec5cdc5895303f8d89fb297d7144776d6a61ed43ec88
106fa16009dcc0fcec76154afef33c71f3280adee2878dbe37ac95087232abc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
16fa2e48d94f6ecdcdd391dd07e38e7b24b3677a755458a37e9529be9e96d879
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
18869c1519fa91f08431642cbbd824be5bacb0bf7bff510363d09de4c3b8a70d
1a1757fa4a848cf6ef3a991a57577eb6c8f9aa4492f8ea855ecdf5f8bdcf228d
1cc82f513588a417cfb181cd5b2329432cc3b2bb9d1f056e432838a036851aed
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1f7e6a6c895c100151dfb452658d754fba7965e3ca95359990486db344d531e7
1fa7c464dab5292a4a003b822fd19f75cc6751830aff4c270daf828735551fa2
271bc594ffc1d972db7f089f567b29b1174183bcd46c672eb7775226a404a027
27449728016a02c64093b4a233d10829aafa71c82ecce4bbdd2f8530816a771a
2779699f6d890e616827371ca7afbdab8368d10d26fcd4b6f975ff6a81856a13
297cd80b4252e15bcc935658af668724a6e585e147618bd30131a27c7f84dab4
2a1d5c1aa6ec17832833ddfb2a7dd87ef36f65856c8b99dbd35d7bb95927e224
2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6
2badd5eb27f506ea9c8c6e77ae1f938883ac131e2294c4e02bfbabc70ce9e6a6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f5cdaaa7889492b45c17f3fd0d79f8a7f72fccb1bb40ad956b37bf11d8c0175
302afd20bcb475384017be6d90a969ca3696523934ea36a340192ee573daa34c
305e3f63a9ea36a8d35776ba48bb8baa08ecd8e678931dd689200a418456649b
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
3356dfe5f7449f95f2518779c2cde62577d323f32a8742179400e24d242aa820
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
365a0eb1df39308dbc95425f4eecdf60112a585749815b36a06c6776ef1b89ba
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
38fe61c974c3fa45b7a3c85975bb1bea318308957c2329f6c932623acff155b4
399105333fa5f4fd6ff5aea4506dc6d3ae44496bda62bc25b34ef7a2f75e0b20
3ac71c3ae051581f7cf3ecefdb030e36b15501920e0584c10a84167d516540ea
3b44433b6d777aed38ed9359c5453bba1fb62c181f99f060b94cc58e457457d9
3e3e7bb32d700b907b9e5c097d8ef3d6961d3642741583c1f924e7762b0e2f50
3ec19e731a605af29732582f00be3657470562ad2c1059ce01e58feda8f8d141
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
40bcd63ab74f4ab4d6976033797595ea693379a4186ba951e8059d8f2b63c7a8
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
42b6a4cb0223e8edcf8a735efce1e53d8ab0b2604f31606ea6e4e454755a46de
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48ed0b05d91e59d7ac7cbc6543cd30b2b3e2aa7bac9b06f3b0f261c9db69a266
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
4ac40e8488984ca7ab58f8571622f99b93053f9e1938aa3975492581139f7554
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d13c7d915221b9f41941a80ff5bb35defc9e2733c2e9d651f14e68e469fa2e8
4e0b59f1cc02c30bd7937c35c744d703490e5fde77eeefda5d1efc6a7cad4307
4e77fdad5335a23d6513c37be8cd74470f9f9ab2d24e9245b86e6cb84f919b29
4f7b7bbf5225cd88e68285c8d02057dd19cb7e7a12d4465f67c9cd2976aeee29
51248bf7921047ec9404bda7a3f7c9cae9ee652d88c016779cbe4dbadb5ade58
5238692ecf23970cbc3bad3899f5ad4913886cd16f0883d22fda406b3324a253
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5437755b9195a825a0d739801c2067261aa661c6a74c9ef9adfe79669ce8ae2f
55181dcd33131a6768d7652b57b7f1d413464c75114870f7cfc8052e13422ba5
593f56bb9b00b639f6aadc57954f46080ce233d1bc01ef50f85720df619029f8
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f972353442840a191a5f341fb188f1afd3521ee2df82f4244a5f8baff94ed6e
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613c27d45e0551e5862b4bbbf3c6f5241f73bc472ff15e84492f9b4f6579c58b
6336f71e33dee69b46657b12675fad734c11b8fb43782f5db75d5cb3ce84d785
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
6759e1844268d4ab9f5c8a9c16c245b58c1b5cc8d8361ce751bf8902a0025293
6897f1a6622f0773442f9027b0a128f68d11b78abdcc59140a79ba590608f8ee
691d7daa458df06d071f635cc8ec576a929ca26e2146070c81d0aa7fcf878999
692f218144b18d4f2c28c9d8d69385106263fb3239fd0ae2b42680202941ba0f
699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb
6a09ca406e89e7b1d3172741824df92d81eb000aa3241559c573f1bf17bc4899
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6e68323becc53d587a72feb392bf8282e51d08bad025732b74eb5ea33614b7e9
6eef77b75ba6e819074e8060dba3fe81f8aa70303c93d30548b42931bf73433e
6fdd24bd96b3a482bc058d5c9bcfd6f1c664d91bbd47658d65ac5d852535f7fd
7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b
70c9b373b81d6e43a3479f52231ac50d2691fd9232042514159be5866a65e40f
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
7201c12b0e82cd05a60c412f53f98f37cfec9616ef61f6e34d7d3a5293e440a5
7223c0b2ffaafe54a5aa7784420e711a847bde036b3e8050c319e815a4b1aa33
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
7407b5777263dd854442f600dc0112bdd434f4a6cb2a84bbf4ffd6fb89e726f4
754c1c080e1dde164595239d1d6f8ee12b1f02f762ebe3c1ec2ce8fa115db213
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
76f73bfe436a71077f252ade8fb13fdd724a8f1a40fa2ec8bcf65b413a0e6939
773a8f6755c75e51461fb4809413075f96342df2696625580b407967292d915c
77af654a0951e9a142e3378e3095fe84c189836e76ffe57cbdebaa179c850c5c
7915f988d90a47aff5003835c6e0255c3cb35247762ff36f005e7f94d5e8fbbc
792599204b3470d68b161c0b0563d0fd34d94378a0fc469b8237480266bb08a3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7c142f741438550d5cad8e88b6b2952f8f256efda416f35e5a84dd2f6066144d
7c59ba72953cc99b7cc6735de0285f154a29e30b5fd5d5b04d819ed22d21bc3a
7c7de094077ca042a6043ba4f991d61f8c23718d9431f1c5f59341293b368f32
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
81a0af4b719cd7130599920adcdb46c1baee5556a3bdac934cc13acab1da9d30
8207ade6f639887a7838b2903d39de1b3d21a327b031310555676d120e068b47
8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e7b0edd83ba89635382f425dfdfd4e2dc0f4c43a059c41dce98cdb1048ab86
84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87dbdfe00579c4809d1844b4628ba7a4de43b831509af629d718016f697a3526
880f4e93ae7ed8a4b6f6920ae622cfb15ad63e4f8d1b1e7f599b37d487ce2292
8a5530f9cb746480fc0127fc3dab633918dae47d76624bbd330ca2db605f91c7
8c13ac28c11e551e0f2a5a75cde96400e92cec10f23e4c08b42e45ee694532b7
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8fd4dc741e46ea50096170d7a7d9e245eb7362a2c7c85543bcbb960b20da0846
8fd9ef4e5f96881b0e06393b01a1be3d5bc305fcd5db934f11cbf624f597a59a
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
9a2b554f4c17529729b9c3884333d1ef5138ccf6af80e6360f89036f63864f44
9ae3331ec7a341b12a352038820ade9dfc4f8946ec365397abf5b5a9a6f74b83
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9ebec660886f03bd7502df183186f39bda8d3b820da1d9ca0e1ffa73b2153c7a
a17254417c7cf571e6b249cceea19081e5e2c079bfe78830375a5ecee085ccd5
a24dc262ca6db1017f88a6f18786dbb088dce4d06f65ed2b4b43cfd8d0cc618b
a3a2c328bc1506fac5490cddaa6b82384c493088b140636e1452181d301a675b
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
ab566c27ae4e35a42e84c329e8f3b82b69dfdee38826b39d684ad89195b73c7c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
aebe6ee96e6c6b9fc7b032854da493b545d82177f9439202cedd27e6e160841e
aef0d2e070e93be6c5e0aab807ccd79bd79582e05ab72de313f85c94828d5a78
b05c21426d9a2999f3f7b48d494bc6dba7b4fba240d3eae1047c99116c075232
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bb54e94c545f03932d631cd985aff128d39396abed2de7cbb522b535493d0262
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c23c7b5a64271af443cbff923966e7878bdbe67654ff666c1619e991be666775
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c3ead7c8b3a7ab4739c36bb4d199a3f79d1dc53052345f6cbaf50a899cc1f137
c4ee2f7ce35c9debc48074853c1f54821a7d1cd2f738a0857cb9754c904bfbb0
c60328c2a2fba270c2fc603e556bb6eb41d10cecac5941dfe54e0c071472cc78
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c759948343b56dd68314bbb6a038d972cdfa4f0a06d31819eb3b5d33ab8fecbf
ca3429d77a75fe901b92a13cf9ae8800fa713d8fdaa63523a8d081d9e25cbfa2
cc94aab8ba80b2ab11788ebbc5b1eb02496186b89a63dba4a8289f50c53b05fb
cdaf9710ff27931eb0f8f8b8e8df97faf4a7791725ef647de6585bbfc8f5909d
d0604167abf2874fdbd5b6d19037baba5d36642b21656c3a6ce6cfef5b6ae8a3
d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c
d9576157078dda9a522dad222249eeec6e639a856351b9f09451163cec1828ff
da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219
db2af24bfef6358a1c62eb490dcef92470cfd816b84f7fac5c50ae79b1397f81
dc07e42a852892e9780c67b61ac12f7ae74c5c34e9c6541be82c86696869fff9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcc9b82683719d082db3ba8d6927ac8a03dd5c01d80e6fbe9418badf1e27270e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0031d2ca8607154d1b0bf8760ee5d1c8b38fb643abfbd41b08d3677f9e7e4e2
e12f41f00e2ee8a10327a832e9f228d9a21e346f300eb483233171c5d86ecb60
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d
e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915
e9618225f87a07ea43af2674ce4207adfb0897b1bb6aaf2157b502ee89538aa4
ec3873a49c77ec8a26f8c7a6f60eff1c0a7884459b5f8d2fcef28ef0ce271792
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
ed839d9fae4a8e722e9c408c2716a6f1eb789b99ef16722cd39ff4965749d8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f469f0f2ec90c279cfe0e1a54b280d51e700fd6454ca7bffd7202df3dd7d6b3b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f76e86c6a29453f0e15e74069a1e105af353ff07abaf5b7fdbb599e7c3263741
f84aabf8f80ac7bafc223e82ec5bfb910d174e8e03995080536a10b50a1b56ca
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fb6a54fd0ea4287ed803a20a197516820c7e13ee66649e7c99aeefd06b646543
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fcaebfb105e7cd869d5e0bb4ebdfa85a579b6f1541d55ad6725cf4e8ec4c9f61
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

www.recordedfuture.com Open in urlscan Pro 104.18.13.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

282 Requests

100 %HTTPS

59 %IPv6

35 Domains

56 Subdomains

47 IPs

3 Countries

4941 kBTransfer

13776 kBSize

22 Cookies

21 Outgoing links

Page URL History

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.recordedfuture.com Open in urlscan Pro
104.18.13.124 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

100 %
HTTPS

59 %
IPv6

35
Domains

56
Subdomains

47
IPs

3
Countries

4941 kB
Transfer

13776 kB
Size

22
Cookies

282 HTTP transactions
13 data transactions