www.digitalshadows.com Open in urlscan Pro
2600:9000:21f3:9e00:9:91af:d140:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=
Effective URL:
https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8e...
Submission: On August 17 via manual (August 17th 2021, 7:29:27 pm UTC) from US

Summary HTTP 156 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 38 domains to perform 156 HTTP transactions. The main IP is 2600:9000:21f3:9e00:9:91af:d140:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.digitalshadows.com.
TLS certificate: Issued by Amazon on July 1st 2021. Valid for: a year.

This is the only time www.digitalshadows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2600:9000:21f... 2600:9000:21f3:9e00:9:91af:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
5	104.111.216.226 104.111.216.226	16625 (AKAMAI-AS) (AKAMAI-AS)
4	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1 6	2a02:26f0:6c0... 2a02:26f0:6c00::210:baab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 1	54.73.110.124 54.73.110.124	16509 (AMAZON-02) (AMAZON-02)
13 16	63.33.54.207 63.33.54.207	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	162.13.202.201 162.13.202.201	15395 (RACKSPACE...) (RACKSPACE-LON)
15 15	54.225.93.124 54.225.93.124	14618 (AMAZON-AES) (AMAZON-AES)
3 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.184.95.242 18.184.95.242	16509 (AMAZON-02) (AMAZON-02)
1 2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.196.76.242 18.196.76.242	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
62	13.224.196.41 13.224.196.41	16509 (AMAZON-02) (AMAZON-02)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
13	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.196.91 13.224.196.91	16509 (AMAZON-02) (AMAZON-02)
2	34.234.150.139 34.234.150.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
156	39

1 104.17.73.206 (United States)

ASN13335 (CLOUDFLARENET, US)

mailer.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:21f3:9e00:9:91af:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.216.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-226.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:baab (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.110.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-110-124.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 63.33.54.207 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-54-207.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.13.202.201 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

lonrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.225.93.124 (Ashburn, United States) 15 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-93-124.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.76.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-76-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 13.224.196.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-41.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-91.fra2.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.150.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-150-139.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	733 KB
22	adroll.com 14 redirects s.adroll.com d.adroll.com	30 KB
15	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	4 KB
15	choozle.com 15 redirects cs.choozle.com	9 KB
12	digitalshadows.com mailer.digitalshadows.com www.digitalshadows.com	2 MB
8	marketo.com lonrtp1-cdn.marketo.com rtp-static.marketo.com lonrtp1.marketo.com	122 KB
7	rlcdn.com 4 redirects idsync.rlcdn.com	2 KB
5	doubleclick.net 4 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1012 B
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	ensighten.com nexus.ensighten.com	11 KB
4	gstatic.com fonts.gstatic.com	60 KB
4	typekit.net use.typekit.net p.typekit.net	33 KB
3	bluekai.com 3 redirects tags.bluekai.com	3 KB
3	google-analytics.com www.google-analytics.com	60 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	sentry.io sentry.io	613 B
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	869 B
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	marketo.net munchkin.marketo.net	6 KB
1	driftcdn.com embeds.driftcdn.com	14 KB
1	yahoo.com ads.yahoo.com	299 B
1	taboola.com sync.taboola.com	222 B
1	pubmatic.com simage2.pubmatic.com	547 B
1	advertising.com pixel.advertising.com	125 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	licdn.com snap.licdn.com	2 KB
1	ipapi.co ipapi.co	912 B
1	googletagmanager.com www.googletagmanager.com	53 KB
0	Failed function sub() { [native code] }. Failed
156	38

	Domain	Requested by
62	js.driftt.com	www.digitalshadows.com js.driftt.com
16	d.adroll.com	13 redirects www.digitalshadows.com
15	cs.choozle.com	15 redirects
11	www.digitalshadows.com	mailer.digitalshadows.com www.digitalshadows.com
7	idsync.rlcdn.com	4 redirects www.digitalshadows.com
6	metrics.api.drift.com	js.driftt.com
6	s.adroll.com	1 redirects www.googletagmanager.com www.digitalshadows.com s.adroll.com d.adroll.com
4	targeting.api.drift.com	js.driftt.com
4	cm.g.doubleclick.net	4 redirects
4	match.adsrvr.org	4 redirects
4	rtp-static.marketo.com	lonrtp1-cdn.marketo.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
4	fonts.gstatic.com	fonts.googleapis.com
3	bootstrap.api.drift.com	js.driftt.com
3	tags.bluekai.com	3 redirects
3	lonrtp1.marketo.com	lonrtp1-cdn.marketo.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	use.typekit.net	www.digitalshadows.com use.typekit.net
3	fonts.googleapis.com	www.digitalshadows.com js.driftt.com
2	event.api.drift.com	js.driftt.com
2	sentry.io	js.driftt.com
2	us-u.openx.net	1 redirects www.digitalshadows.com
2	ib.adnxs.com	1 redirects www.digitalshadows.com
2	x.bidswitch.net	1 redirects www.digitalshadows.com
2	eb2.3lift.com	1 redirects www.digitalshadows.com
2	sync.outbrain.com	1 redirects www.digitalshadows.com
2	dsum-sec.casalemedia.com	1 redirects www.digitalshadows.com
2	sync.mathtag.com	2 redirects
2	px.ads.linkedin.com	2 redirects
2	munchkin.marketo.net	mailer.digitalshadows.com munchkin.marketo.net
1	embeds.driftcdn.com	js.driftt.com
1	ads.yahoo.com	www.digitalshadows.com
1	sync.taboola.com	www.digitalshadows.com
1	simage2.pubmatic.com	www.digitalshadows.com
1	pixel.advertising.com	www.digitalshadows.com
1	pixel.rubiconproject.com	www.digitalshadows.com
1	www.google.de	www.digitalshadows.com
1	www.google.com	www.digitalshadows.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d.adroll.mgr.consensu.org	1 redirects
1	px4.ads.linkedin.com	www.digitalshadows.com
1	www.linkedin.com	1 redirects
1	lonrtp1-cdn.marketo.com	mailer.digitalshadows.com
1	snap.licdn.com	www.googletagmanager.com
1	ipapi.co	www.digitalshadows.com
1	www.googletagmanager.com	www.digitalshadows.com
1	p.typekit.net	use.typekit.net
1	mailer.digitalshadows.com
0	corpweb.prod.ds.local Failed	www.digitalshadows.com
156	49

This site contains links to these domains. Also see Links.

Domain
resources.digitalshadows.com
portal-digitalshadows.com
info.digitalshadows.com
www.ic3.gov
www.zdnet.com
www.techrepublic.com
blog.certfa.com
www.ncsc.gov.uk
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
mailer.digitalshadows.com Cloudflare Inc ECC CA-3	`2021-04-27` - `2022-04-26`	a year	crt.sh
www.digitalshadows.com Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
adroll.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2021-09-15`	2 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Frame ID: 2E6B3BB8C90C42A07DABFFD9D14BE0C2
Requests: 72 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
Frame ID: 38A9449DD9E5007D58959D8553EE4743
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
Frame ID: 420413A7756F887652B51A0D9B934E28
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-t... Page URL
https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAA... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

156
Requests

96 %
HTTPS

37 %
IPv6

38
Domains

49
Subdomains

39
IPs

6
Countries

2982 kB
Transfer

5897 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://resources.digitalshadows.com/
Title: Resources Center

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/weekly-intelligence-summary
Title: Weekly Intelligence Summary

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/whitepapers-and-reports
Title: Whitepapers & Reports

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk
Title: ShadowTalk Podcast

Search URL Search Domain Scan URL

URL: https://portal-digitalshadows.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DemoRequest-Website-Button.html
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-HB.html
Title: Try For Free

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
Title: but the FBI’s

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/smishing-police-make-arrests-in-crackdown-on-scam-text-messages/
Title: smattering of arrests by law enforcement

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/index.php/article/companies-are-losing-the-war-against-phishing-as-attacks-increase-in-number-and-sophistication/
Title: attackers experiencing greater success targeting mobile users

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/brand-protection/domain-monitoring-solutions-guide
Title: guide on domain monitoring

Search URL Search Domain Scan URL

URL: https://blog.certfa.com/posts/charming-kitten-christmas-gift/
Title: CERTFA reported on a campaign by APT35

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/this-password-stealing-android-malware-is-spreading-quickly-heres-watch-to-watch-out-for/
Title: reported to have spread quickly and significantly across targets

Search URL Search Domain Scan URL

URL: https://www.ncsc.gov.uk/guidance/flubot-guidance-for-text-message-scam
Title: NCSC have produced some great guidance as part of the FluBot alert

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/TestDrivev1-Blog_Reg.html
Title: Test Drive to explore SearchLight yourself free for seven days

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-blognewsad.html
Title: Try It Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/digitalshadows/

Search URL Search Domain Scan URL

URL: https://twitter.com/digitalshadows

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2284467/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqgjXfx8uDkDZgmKHmqZQvw

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/podcast-shadow-talk

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-footer.html
Title: Try For Free

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/customer-stories
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DigitalRiskProtection-Practitioner-FooterNav.html
Title: Practical Guide to Digital Risk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg= Page URL
https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1629228546314%26url%3Dhttps%253A%252F%252Fwww.digitalshadows.com%252Fblog-and-research%252Funderstanding-smishing-attacks%252F%253Fmkt_tok%253DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&liSync=true&e_ipv6=AQLl2JjRGqXrdAAAAXtVlrqXZ7veB5P9Czi3Ky0cCkhS67ukM_0blTDc9yd6sSC7zBxitFgi

Request Chain 33

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 35

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=bdfd2889e70c20c3f991e290c7399853&_b=2 HTTP 302
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=bdfd2889e70c20c3f991e290c7399853&_b=2

Request Chain 49

https://cs.choozle.com/dp/chz/23707?d=www.digitalshadows.com&cb=5861806780 HTTP 302
https://cs.choozle.com/sync HTTP 302
https://cs.choozle.com/sync?v=true&cid=9d73589a-5e22-49c9-9206-f4205df1c78f HTTP 302
https://tags.bluekai.com/site/48443?id=9d73589a-5e22-49c9-9206-f4205df1c78f&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D9d73589a-5e22-49c9-9206-f4205df1c78f HTTP 302
https://cs.choozle.com/sync?pid=LwWFmx99999TLhhC&dpsync=bk&cid=9d73589a-5e22-49c9-9206-f4205df1c78f HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=9d73589a-5e22-49c9-9206-f4205df1c78f&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=9d73589a-5e22-49c9-9206-f4205df1c78f HTTP 302
https://idsync.rlcdn.com/459489.gif?partner_uid=9d73589a-5e22-49c9-9206-f4205df1c78f HTTP 307
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8d38611c-0e04-4700-b415-884ffea1b724

Request Chain 50

https://cs.choozle.com/dp/chz/24190?d=www.digitalshadows.com&cb=555898069 HTTP 302
https://cs.choozle.com/sync HTTP 302
https://cs.choozle.com/sync?v=true&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d HTTP 302
https://tags.bluekai.com/site/48443?id=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Dc68d3f2b-6051-41b9-8a43-e9292ed2ee1d HTTP 302
https://cs.choozle.com/sync?pid=0jb6B999999TLhhC&dpsync=bk&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d HTTP 302
https://idsync.rlcdn.com/459489.gif?partner_uid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGM2OGQzZjJiLTYwNTEtNDFiOS04YTQzLWU5MjkyZWQyZWUxZBAAGg0IhJzwiAYSBQjoBxAAQgBKAA HTTP 307
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8a06611c-0e04-4400-b037-ad783b87f516

Request Chain 51

https://cs.choozle.com/dp/chz/24191?d=www.digitalshadows.com&cb=9006783852 HTTP 302
https://cs.choozle.com/sync HTTP 302
https://cs.choozle.com/sync?v=true&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1 HTTP 302
https://tags.bluekai.com/site/48443?id=418d623b-b7fe-4353-b9e6-25371a0c0ec1&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D418d623b-b7fe-4353-b9e6-25371a0c0ec1 HTTP 302
https://cs.choozle.com/sync?pid=durZBQ99999TLhhC&dpsync=bk&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=418d623b-b7fe-4353-b9e6-25371a0c0ec1&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_puid=418d623b-b7fe-4353-b9e6-25371a0c0ec1&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1 HTTP 302
https://idsync.rlcdn.com/459489.gif?partner_uid=418d623b-b7fe-4353-b9e6-25371a0c0ec1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHzV92wcCFzldUJkZGE9PeQ&google_cver=1

Request Chain 52

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&pv=28058558127.331646&cookie=&adroll_s_ref=https%3A//mailer.digitalshadows.com/&keyw= HTTP 302
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js

Request Chain 55

https://d.adroll.com/cm/index/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546&C=1

Request Chain 56

https://d.adroll.com/cm/n/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expires=365

Request Chain 57

https://d.adroll.com/cm/onevideo/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 58

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&rdrctExp=true

Request Chain 59

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 60

https://d.adroll.com/cm/taboola/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

Request Chain 61

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 62

https://d.adroll.com/cm/r/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 63

https://d.adroll.com/cm/b/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

Request Chain 64

https://d.adroll.com/cm/x/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

Request Chain 66

https://d.adroll.com/cm/o/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=45ba344d8faf8e034ad177163b0f2fca HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=45ba344d8faf8e034ad177163b0f2fca

Request Chain 67

https://d.adroll.com/cm/g/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Rbo0TY-vjgNK0XcWOw8vyg HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=Rbo0TY-vjgNK0XcWOw8vyg&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

156 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=
mailer.digitalshadows.com/ 570 B
1 KB 668ms
367ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-THuPtUY+JLtvzF+RhOOJlVASlLbn1kExPI1BwC+j06I=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: mailer.digitalshadows.com
:scheme: https
:path: /NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:05 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-cnection: close
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-THuPtUY+JLtvzF+RhOOJlVASlLbn1kExPI1BwC+j06I=';object-src 'none';form-action 'none';frame-src 'none'
x-content-type-options: nosniff
vary: Accept-Encoding
set-cookie: BIGipServerPOOL-162.13.131.123-go2.wire.com-80=!qa6Wh8rl0w4KIq29jRdq5/AJjPbVzSu+Ef8m3Y8oIKEnQ2aXsKSMfNkipfr4xsN8uGEo37xYsNr4eEs=; path=/; Httponly; Secure __cf_bm=c8825641b3a36f92f853cf26df926639556577e1-1629228545-1800-AUvqvXJKGg445IPBwV9V3m7SeVmiRCo6sPEaSiXu0fRb8nzaVFekzabuvwzyRrvECQVSGZMnCZTifHws041WyKc=; path=/; expires=Tue, 17-Aug-21 19:59:05 GMT; domain=.mailer.digitalshadows.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68054f286ea0d8b5-AMS
content-encoding: gzip

GET
H2 200 Primary Request / Show response
www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/ 67 KB
16 KB 249ms
197ms Document
text/html 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B

Requested by

Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DS /

Resource Hash

85eda7dbd842798f57f4e31d53fa4af060efc7de91531de1b567dd14742d8cb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.digitalshadows.com .marketo.com munchkin.marketo.net .google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net use.typekit.net https://js.driftt.com https://tagmanager.google.com .adroll.com https://d.adroll.mgr.consensu.org https://snap.licdn.com https://optimize.google.com https://nexus.ensighten.com; style-src 'self' 'unsafe-inline' https://.digitalshadows.com https://fonts.googleapis.com .marketo.com .typekit.net unpkg.com https://tagmanager.google.com https://optimize.google.com; img-src data:; connect-src 'self' .digitalshadows.com .marketo.com .mktoresp.com api.ipstack.com https://ipapi.co .google-analytics.com .doubleclick.net; child-src 'self'; font-src 'self' data: https://fonts.gstatic.com use.typekit.net unpkg.com; form-action 'self' https://.digitalshadows.com .marketo.com; frame-src 'self' https://.digitalshadows.com *.marketo.com www.youtube.com www.slideshare.net w.soundcloud.com https://js.driftt.com https://mitre-attack.github.io https://optimize.google.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.digitalshadows.com
:scheme: https
:path: /blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mailer.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mailer.digitalshadows.com/

Response headers

content-type: text/html
x-amz-id-2: K00A0nwiSoXGhF0arlaprjLjjIS95FJny6NBnOyRq2zRC0Dn0zO7ADce/Z1R/yaWrEhXmEH11Xs=
x-amz-request-id: 08PH8X1FW51538SM
last-modified: Tue, 17 Aug 2021 11:28:23 GMT
server: DS
content-encoding: gzip
date: Tue, 17 Aug 2021 19:29:06 GMT
etag: W/"4204e9106020421cf93cd10659eb2b87"
vary: Accept-Encoding
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.digitalshadows.com *.marketo.com munchkin.marketo.net *.google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net use.typekit.net https://js.driftt.com https://tagmanager.google.com *.adroll.com https://d.adroll.mgr.consensu.org https://snap.licdn.com https://optimize.google.com https://nexus.ensighten.com; style-src 'self' 'unsafe-inline' https://*.digitalshadows.com https://fonts.googleapis.com *.marketo.com *.typekit.net unpkg.com https://tagmanager.google.com https://optimize.google.com; img-src * data:; connect-src 'self' *.digitalshadows.com *.marketo.com *.mktoresp.com api.ipstack.com https://ipapi.co *.google-analytics.com *.doubleclick.net; child-src 'self'; font-src 'self' data: https://fonts.gstatic.com use.typekit.net unpkg.com; form-action 'self' https://*.digitalshadows.com *.marketo.com; frame-src 'self' https://*.digitalshadows.com *.marketo.com www.youtube.com www.slideshare.net w.soundcloud.com https://js.driftt.com https://mitre-attack.github.io https://optimize.google.com; worker-src 'self' blob:
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: RefreshHit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _8aLpS9hwXQz6lNrnKn33yBicT0vYTpnL_HZTsDlW595cJAbQX4MoA==

GET
H2 200 head-85a21130da5cc54e974072b8142d4d8e08518c24.css
www.digitalshadows.com/wp-content/cache/asset-cleanup/css/ 213 KB
36 KB 17ms
16ms Stylesheet
text/css 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfd05e463ed81dea01ebc89be35ef52ac48149fe7f04d74178d6c24defcf0be3

Request headers

:path: /wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:30:48 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 11:28:36 GMT
server: AmazonS3
age: 28698
etag: W/"6ba0e0bc11e3287dcc817d953a146bc3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 0rPKaCpiVALJuRlscipr7J8hZwb6fLw98Nrcw_Y60KhkMuZetSiEBQ==

GET
H2 200 head-a414ccf27ac45084d28fcccc551176349fa483bc.js Show response
www.digitalshadows.com/wp-content/cache/asset-cleanup/js/ 126 KB
40 KB 17ms
16ms Script
application/javascript 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/js/head-a414ccf27ac45084d28fcccc551176349fa483bc.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad463f6431a140ca68467f83a580a6f856ed6842033d7cc2745dc758d4385bf

Request headers

:path: /wp-content/cache/asset-cleanup/js/head-a414ccf27ac45084d28fcccc551176349fa483bc.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:30:48 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 11:28:37 GMT
server: AmazonS3
age: 28698
etag: W/"2443b3b64c6956c5892839c3ab84bfe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BjMZQpTBvdtaxYThdTRtQObhBvxwUV72v_6N_SXt5pqksUCkHioUWw==

GET
H2 200 body-cde415677d8757ebbe633d4ded15924fcded97db.js Show response
www.digitalshadows.com/wp-content/cache/asset-cleanup/js/ 461 KB
133 KB 17ms
17ms Script
application/javascript 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/js/body-cde415677d8757ebbe633d4ded15924fcded97db.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d3b756491fc9e76c2bffd856ce0cbd0e5b290daec2578c66f4b64bf485777cd

Request headers

:path: /wp-content/cache/asset-cleanup/js/body-cde415677d8757ebbe633d4ded15924fcded97db.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:30:50 GMT
content-encoding: gzip
last-modified: Sun, 25 Jul 2021 20:34:58 GMT
server: AmazonS3
age: 28696
etag: W/"e168d619f104adec06ae38072e822a98"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: c0v6UfaUj_0r9cc6CJbImHQCcltk4k1mh2rg72BR2v72OsuvGEjVMg==

GET
H2 200 css
fonts.googleapis.com/ 9 KB
850 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e4849329855f04b847b923fc72de03af0d9ab0c7d38e6dee9e92d84f5d33d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 18:57:43 GMT
server: ESF
date: Tue, 17 Aug 2021 19:29:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Aug 2021 19:29:05 GMT

GET
H2 200 grp0jzg.css
use.typekit.net/ 2 KB
862 B 25ms
13ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ed6f5f1b4824511de4da4fc92704af90a93027aaeeeed6723d6f192c70f63ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 17 Aug 2021 19:29:05 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 630

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 18ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=82983317&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
53 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

260c5125f4cba0ac68c89ddde072ebc7cfbc100bdb7466efedc4acbbb0a76ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54612
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 18:45:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Aug 2021 19:29:06 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e91702114615d08c84ca195be675d70366b0e49ce0a6111226fcd4af43adf1b1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a43534ed5185c9118b4f08536062eab774cbdf95e39a9daf4d2798686f339a1e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 267bd619de3ebf2118926fb75d91805ad2d08c7f7553ccb6344c348c659b477c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71268763a3396c2ab4b56f604265775da1a7b6e0f155abe5d6c19357c6a439d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 17ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin: https://www.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16456

GET
H2 200 fa-solid-900.woff2
www.digitalshadows.com/wp-content/themes/new-ds/assets/css/webfonts/ 76 KB
77 KB 32ms
31ms Font
font/woff2 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/new-ds/assets/css/webfonts/fa-solid-900.woff2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

:path: /wp-content/themes/new-ds/assets/css/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.digitalshadows.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:30:52 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 21:12:12 GMT
server: AmazonS3
age: 28695
etag: "e8a427e15cc502bef99cfd722b37ea98"
x-cache: Hit from cloudfront
content-type: font/woff2
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 78196
x-amz-cf-id: gx6KDsSycultALugRZMkU0klYxSK8LFStiWTb_VzQrZhDkL6zbPDwA==

GET
H2 200 fa-brands-400.woff2
www.digitalshadows.com/wp-content/themes/new-ds/assets/css/webfonts/ 75 KB
75 KB 36ms
36ms Font
font/woff2 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/new-ds/assets/css/webfonts/fa-brands-400.woff2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

:path: /wp-content/themes/new-ds/assets/css/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://www.digitalshadows.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/css/head-85a21130da5cc54e974072b8142d4d8e08518c24.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:30:52 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 21:12:11 GMT
server: AmazonS3
age: 28695
etag: "f7307680c7fe85959f3ecf122493ea7d"
x-cache: Hit from cloudfront
content-type: font/woff2
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 76764
x-amz-cf-id: QHJdoQG5xMGOsYcEa69iR-C389MVh6R0QqhwKR6-GX8QOWMoAd8W6Q==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options: nosniff
age: 68389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:29:17 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.digitalshadows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:27 GMT
x-content-type-options: nosniff
age: 68199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:27 GMT

GET
H2 200 ds-aerial-01-3x2.jpg
www.digitalshadows.com/uploads/2019/09/ 1 MB
1 MB 18ms
18ms Image
image/jpeg 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2019/09/ds-aerial-01-3x2.jpg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e599593de0c6e9970308b73ee132398a6574324c5b1e91205d657a213669867

Request headers

:path: /uploads/2019/09/ds-aerial-01-3x2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:38:57 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Sep 2019 19:33:37 GMT
server: AmazonS3
age: 28210
etag: "60301525963df1efae31e68df17ce1ab"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1423935
x-amz-cf-id: 4myxAV_MIaQWBDMs2wMe52PiZkLYLJlluQ-QDKg5ILD59q_-hLurPA==

GET
H2 200 l
use.typekit.net/af/7f09be/00000000000000003b9b0acb/27/ 15 KB
16 KB 28ms
21ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f09be/00000000000000003b9b0acb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 490a471eb1956df4e31c8cb7d9e0d0d3062bd51e8a60b8f26b63cb7b50103501

Request headers

Origin: https://www.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css?family=Open+Sans:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
server: nginx
etag: "46b57e3bdcaac36d275304ba2c6a88f5f3981efb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15860

GET
H2 200 / Show response
ipapi.co/json/ 718 B
912 B 273ms
255ms XHR
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/js/head-a414ccf27ac45084d28fcccc551176349fa483bc.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03b6b1ded84bb5ecbf3596c59445ae86a1e500c103542ae1f560a8539972af2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: br
allow: OPTIONS, OPTIONS, POST, HEAD, GET
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8Wy0SmBUBbCkEOFVTSppuBdLOy33TZnHfC5uKdfViiw4sSprRvpSzkrrBBFNrS3Rug0EB3LOSd5rIXKPqMoXXfiUwg1HcwmCo%2Fa%2BfJWt6d5Hg5%2BoQ5xc5ai9KCDqCagITystGyg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.digitalshadows.com
cf-ray: 68054f2e2d0ce003-FRA

GET
H2 200 logo.svg
www.digitalshadows.com/wp-content/themes/new-ds/assets/images/ 3 KB
2 KB 21ms
20ms Image
image/svg+xml 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/wp-content/themes/new-ds/assets/images/logo.svg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7

Request headers

:path: /wp-content/themes/new-ds/assets/images/logo.svg
pragma: no-cache
cookie: cookielawinfo-checkbox-analytics-and-marketing-cookies-es=yes
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:38:57 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 12:44:13 GMT
server: AmazonS3
age: 28210
etag: W/"583031fb4ffc6aa9208f1e5e135e34ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 3vcaaKqsLqvGs_9I-bS2xc6Jd2jrfZDQ29WMe0hKreifPIISO5JDoQ==

GET
H2 200 Screen-Shot-2021-08-04-at-3.24.31-PM.png
www.digitalshadows.com/uploads/2021/08/ 3 KB
3 KB 21ms
21ms Image
image/png 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2021/08/Screen-Shot-2021-08-04-at-3.24.31-PM.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f977f83c04d507e3653f917bb084f86ce1a7c2166853d2f140f84e6aa183118a

Request headers

:path: /uploads/2021/08/Screen-Shot-2021-08-04-at-3.24.31-PM.png
pragma: no-cache
cookie: cookielawinfo-checkbox-analytics-and-marketing-cookies-es=yes
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:43:05 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 10:34:26 GMT
server: AmazonS3
age: 27962
etag: "5fc8cbcfe385a913091a8e9bf02f608b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2704
x-amz-cf-id: ljDPClm7C3hZ7mmxdAqZwpi0sB22AnAgvazBmkflw8Nmoc_b94Ozpw==

GET
H2 200 Michael-Marriott-Digital-Shadows.png
www.digitalshadows.com/uploads/2017/11/ 57 KB
57 KB 24ms
23ms Image
image/png 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2017/11/Michael-Marriott-Digital-Shadows.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc8d80a0b5aa5fee961be81e0904bb808096b1682c9d6a25274f0050be46a06f

Request headers

:path: /uploads/2017/11/Michael-Marriott-Digital-Shadows.png
pragma: no-cache
cookie: cookielawinfo-checkbox-analytics-and-marketing-cookies-es=yes
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 12:36:23 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 11:40:33 GMT
server: AmazonS3
age: 24764
etag: "cbc230806de8387281c36b1a1df16363"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 58241
x-amz-cf-id: FnZkr5btGRsuqd8YmXu8d8aDF5_YA4HA1zXtyGTChajvxrQum4TL8Q==

GET
H2 200 Image-from-iOS-2-2.jpeg
www.digitalshadows.com/uploads/2021/08/ 17 KB
17 KB 144ms
143ms Image
image/jpeg 2600:9000:21f3:9e00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2021/08/Image-from-iOS-2-2.jpeg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9e00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a95238ead9ee13b212ebd7f60e8909ad6e81a1e7a386f50c2ebd378f9f9c9d8

Request headers

:path: /uploads/2021/08/Image-from-iOS-2-2.jpeg
pragma: no-cache
cookie: cookielawinfo-checkbox-analytics-and-marketing-cookies-es=yes
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.digitalshadows.com
referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 10:34:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "41ae77b95e51ad86d36818c0e4ed5944"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16932
x-amz-cf-id: bv0sdGsx69WizJG9aeTtFuWEtrbllnhGkBNmAhDum9s59LiLectwtg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 925
date: Tue, 17 Aug 2021 19:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 17 Aug 2021 21:13:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=59519
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 60ms
59ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ 151 KB
42 KB 228ms
92ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Requested by

Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF-2V-ookcybe9NrJuuYQQt0R2Hr3AlQELeCmwBlYG21bhJQ58t-_N46E-tnXvcfgyESUsi1yg=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-226.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

cf6eac849a3f90d66b855f66b7d76259c12c153d4491ffa37cff58085dd2f4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Tue, 22 Jun 2021 21:24:24 GMT
Server: Jetty(7.3.1.v20110307)
Date: Tue, 17 Aug 2021 19:29:06 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=236
Connection: keep-alive
Content-Length: 42412

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/14433/ 28 KB
9 KB 219ms
97ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14433/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 374be07315aca8f5bffc3a07dd2cf4a3adb59c50ece78dc3230b3fac209c181f

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 14:18:18 GMT
server: nginx
etag: W/"60e5b7aa-7076"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 44 KB
15 KB 7ms
7ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 222f47a5e4e424714c9f9198001e343610ab1616ac4c7f585c85ab70ff616e1a

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fqsssg89_BmJPAP8by9dhQEwQhKvwF2Y
Content-Encoding: gzip
ETag: "a1f84e5b42f0e9274c1d471f5ef477f3"
x-amz-request-id: BGHE9YQ3TWJ9YXT1
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 14412
x-amz-id-2: lvuXMqJlEd/CyIbJwBJPSwSQmV2lZgMI3Nqc40aXa1qDfDH5YxcYiGBv1u8YwrTGZq1atUFmNEE=
Last-Modified: Thu, 12 Aug 2021 22:50:35 GMT
Server: AmazonS3
Date: Tue, 17 Aug 2021 19:29:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 103 KB
41 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-M7472C6&t=gtm4&cid=1776325683.1629228546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bafc5c95b511cfa556c18a946aea0b7c52691d80b311c26d11a1a110e19c0f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41510
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:29:06 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1629228546314%26url%3Dhttps%253A%252F%252Fwww.digitalshadows.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFW...

0
371 B

456ms
194ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&liSync=true&e_ipv6=AQLl2JjRGqXrdAAAAXtVlrqXZ7veB5P9Czi3Ky0cCkhS67ukM_0blTDc9yd6sSC7zBxitFgi
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 6f4RSLsunBagurWqOCsAAA==

Redirect headers

date: Tue, 17 Aug 2021 19:29:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1629228546314&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&liSync=true&e_ipv6=AQLl2JjRGqXrdAAAAXtVlrqXZ7veB5P9Czi3Ky0cCkhS67ukM_0blTDc9yd6sSC7zBxitFgi
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: L8vILrsunBbQIYMS6ioAAA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

8ms
8ms

Script
application/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: PVEJB32D62PZ7QQB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: +lA2lXF/kq/ujOvt+INtw08Fx4bZTFRaEiOA0eOd2jl3+U7b/XkzWjlVjEUaPxszx8mmbr8ofFk=
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Tue, 17 Aug 2021 19:29:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/ 0
773 B 11ms
11ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BQHR1Xg08hB1Clf5FRB5PBFUMsZDQwAW
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: BYFG81Z5WRY1M4KH
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: aoa2hjjrFsAU1hv42440kDurpVHPXVdcV8tRkvkPpNHv9c6tf4ZaA4rJRx21qWrd+xYuEUI7wu8=
Last-Modified: Mon, 16 Aug 2021 18:41:11 GMT
Server: AmazonS3
Date: Tue, 17 Aug 2021 19:29:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=bdfd2889e70c20c3f991e290c7399853&_b=2
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=bdfd2889e70c20c3f991e290c7399853&_b=2

395 B
864 B

200ms
66ms

Script
application/javascript

63.33.54.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=bdfd2889e70c20c3f991e290c7399853&_b=2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.54.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-54-207.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 0882129e426a067f2e9880622f3ea5b9053d667d9fa4ac4aadc7f181819d66bf

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=bdfd2889e70c20c3f991e290c7399853&_b=2
date: Tue, 17 Aug 2021 19:29:06 GMT
server: nginx/1.20.0
content-length: 105

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=987412710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&dr=https%3A%2F%2Fmailer.digitalshadows.com%2F&ul=en-us&de=UTF-8&dt=Understanding%20Smishing%20Attacks%20%7C%20Digital%20Shadows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2123095909&gjid=515963667&cid=1776325683.1629228546&tid=UA-24205771-1&_gid=538938020.1629228546&_r=1&gtm=2wg8g0PG934MV&cd1=Michael%20Marriott&cd2=August%2010%2C%202021&cd3=1&cd4=Understanding%20Smishing%20Attacks%20%7C%20Digital%20Shadows&cd5=general-cyber-security&cd6=brand-protection%2Cphishing%2Csmishing&z=940457008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.digitalshadows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 62ms
62ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Thu, 25 Nov 2021 19:29:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-24205771-1&cid=1776325683.1629228546&jid=2123095909&gjid=515963667&_gid=538938020.1629228546&_u=aGDAAEACQAAAAC~&z=884509609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 17 Aug 2021 19:29:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.digitalshadows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-24205771-1&cid=1776325683.1629228546&jid=2123095909&_u=aGDAAEACQAAAAC~&z=262814284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-24205771-1&cid=1776325683.1629228546&jid=2123095909&_u=aGDAAEACQAAAAC~&z=262814284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/14433/ 485 B
627 B 74ms
73ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14433/serverComponent.php?r=33317.38875417227&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/14433/code/&publishedOn=Wed%20Jul%2007%2014:18:16%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e9d13bafa23be66a00cb84fffa901a05b3bf94e832ec3fc927216e4dee74470

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 485
expires: Tue, 17 Aug 2021 19:29:05 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 250ms
92ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 217ms
60ms Stylesheet
text/css 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 321ms
57ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=digitalshadows&ref=https%3A%2F%2Fmailer.digitalshadows.com%2F&trwv.uid=digitalshadows-1629228546568-0150861e&trwv.vc=1&trwsa.sid=digitalshadows-1629228546570-8248e22d&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&pm=1116&viewedTypes=&rts=1629228546572

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 235ms
68ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 285ms
63ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1629228546570-8248e22d&aid=digitalshadows&viewedTypes=&0.12752495308157563&rts=1629228546623

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2 200 18fc5a6d895cd46ef07cd43186523526.js Show response
nexus.ensighten.com/choozle/14433/code/ 4 KB
962 B 60ms
60ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14433/code/18fc5a6d895cd46ef07cd43186523526.js?conditionId0=4908771&conditionId1=4906998&conditionId2=4908774&conditionId3=4908772&conditionId4=4906997&conditionId5=4908773
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1d692f45f83761efc989e280fa440bd5a4f6e493cf7c0c40229728b3594aae95

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 14:18:18 GMT
server: nginx
etag: W/"60e5b7aa-1166"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/14433/code/ 2 KB
558 B 61ms
60ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14433/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14433/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 20:56:02 GMT
server: nginx
etag: W/"60c12ae2-746"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2

200

47154.gif
idsync.rlcdn.com/
Redirect Chain

https://cs.choozle.com/dp/chz/23707?d=www.digitalshadows.com&cb=5861806780
https://cs.choozle.com/sync
https://cs.choozle.com/sync?v=true&cid=9d73589a-5e22-49c9-9206-f4205df1c78f
https://tags.bluekai.com/site/48443?id=9d73589a-5e22-49c9-9206-f4205df1c78f&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D9d73589a-5e22-49c9-9206-f4205...
https://cs.choozle.com/sync?pid=LwWFmx99999TLhhC&dpsync=bk&cid=9d73589a-5e22-49c9-9206-f4205df1c78f
https://match.adsrvr.org/track/cmf/generic?ttd_puid=9d73589a-5e22-49c9-9206-f4205df1c78f&ttd_pid=gdmv7qs&ttd_tpi=1
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=9d73589a-5e22-49c9-9206-f4205df1c78f
https://idsync.rlcdn.com/459489.gif?partner_uid=9d73589a-5e22-49c9-9206-f4205df1c78f
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8d38611c-0e04-4700-b415-884ffea1b724

42 B
315 B

49ms
49ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8d38611c-0e04-4700-b415-884ffea1b724
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:29:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Date: Tue, 17 Aug 2021 19:29:08 GMT
Server: MT3 3842 1127766 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8d38611c-0e04-4700-b415-884ffea1b724
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 19:29:07 GMT

GET
H2

200

47154.gif
idsync.rlcdn.com/
Redirect Chain

https://cs.choozle.com/dp/chz/24190?d=www.digitalshadows.com&cb=555898069
https://cs.choozle.com/sync
https://cs.choozle.com/sync?v=true&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d
https://tags.bluekai.com/site/48443?id=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Dc68d3f2b-6051-41b9-8a43-e9292...
https://cs.choozle.com/sync?pid=0jb6B999999TLhhC&dpsync=bk&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d
https://match.adsrvr.org/track/cmf/generic?ttd_puid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d&ttd_pid=gdmv7qs&ttd_tpi=1
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d
https://idsync.rlcdn.com/459489.gif?partner_uid=c68d3f2b-6051-41b9-8a43-e9292ed2ee1d
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGM2OGQzZjJiLTYwNTEtNDFiOS04YTQzLWU5MjkyZWQyZWUxZBAAGg0IhJzwiAYSBQjoBxAAQgBKAA
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8a06611c-0e04-4400-b037-ad783b87f516

42 B
315 B

49ms
49ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8a06611c-0e04-4400-b037-ad783b87f516
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:29:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Date: Tue, 17 Aug 2021 19:29:08 GMT
Server: MT3 3842 1127766 master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=8a06611c-0e04-4400-b037-ad783b87f516
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 19:29:07 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://cs.choozle.com/dp/chz/24191?d=www.digitalshadows.com&cb=9006783852
https://cs.choozle.com/sync
https://cs.choozle.com/sync?v=true&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1
https://tags.bluekai.com/site/48443?id=418d623b-b7fe-4353-b9e6-25371a0c0ec1&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D418d623b-b7fe-4353-b9e6-25371...
https://cs.choozle.com/sync?pid=durZBQ99999TLhhC&dpsync=bk&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1
https://match.adsrvr.org/track/cmf/generic?ttd_puid=418d623b-b7fe-4353-b9e6-25371a0c0ec1&ttd_pid=gdmv7qs&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_puid=418d623b-b7fe-4353-b9e6-25371a0c0ec1&ttd_pid=gdmv7qs&ttd_tpi=1
https://cs.choozle.com/sync?pid=77f804d3-910a-41f1-9601-16c5975f3312&dpsync=ttd&cid=418d623b-b7fe-4353-b9e6-25371a0c0ec1
https://idsync.rlcdn.com/459489.gif?partner_uid=418d623b-b7fe-4353-b9e6-25371a0c0ec1
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHzV92wcCFzldUJkZGE9PeQ&google_cver=1

42 B
326 B

50ms
50ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHzV92wcCFzldUJkZGE9PeQ&google_cver=1
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:29:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHzV92wcCFzldUJkZGE9PeQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

IANINNYENVANJHID2VKV5Q.js Show response
s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/
Redirect Chain

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2F...
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js

4 KB
2 KB

11ms
11ms

Script
text/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89363313b6a176df6776e3201ceb0cb88e007e9d679af05295e4978382b909b5

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Q1c00haY9JV0hYM5sJDOIEfWIMkH_Xye
Content-Encoding: gzip
ETag: "8fcfd4dd2f59ff3997c5dfb98e51fc73"
x-amz-request-id: AY6M9QYAAPW4MNAK
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1358
x-amz-id-2: GE4MlsT7uymesruB8rjYBpDacM/9sunaRk7mWbuerwdvsOjvS0DjKGDxQfyDCPbXlgl5nSNA4HI=
Last-Modified: Wed, 14 Jul 2021 10:41:14 GMT
Server: AmazonS3
Date: Tue, 17 Aug 2021 19:29:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
date: Tue, 17 Aug 2021 19:29:06 GMT
x-segment-eid: IANINNYENVANJHID2VKV5Q
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
x-segment-name: *
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
content-length: 0
x-conversion-currency

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 74ms
74ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 8ms
8ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&pv=28058558127.331646&cookie=&adroll_s_ref=https%3A//mailer.digitalshadows.com/&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c04b8d937f8fae8ee529150c99e9994b2791022d6c9e2749aa47510668474042

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FDjG9Vr_odYCV4QpyLD3IRUtTn8Z3Soa
Content-Encoding: gzip
ETag: "f2e861b5f8acd6b51e3f658bf9efc7f3"
x-amz-request-id: VCVA5T6RE95H525D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2711
x-amz-id-2: m0LxVubSeF5Olj8ogK5VaAmfCij6KvzXCUGjvmLT1tyjEWtHqqU7dVHa1VA+2AlUN0DdoftH71M=
Last-Modified: Tue, 17 Aug 2021 14:44:54 GMT
Server: AmazonS3
Date: Tue, 17 Aug 2021 19:29:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546&C=1

43 B
1 KB

89ms
85ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546&C=1
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 19:29:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 19:29:07 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 19:29:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expiration=1660764546&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 17 Aug 2021 19:29:07 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expires=365

0
239 B

198ms
53ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expires=365
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&expires=365
pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3F...
https://pixel.advertising.com/ups/55980/sync?uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

259ms
138ms

Image
text/plain

18.184.95.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.95.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-95-242.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3F...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&rdrctExp=true

0
477 B

126ms
125ms

Image
text/plain

64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&rdrctExp=true
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:07 GMT
Cache-Control: no-cache
X-TraceId: 33fc7aef5ea064cc01ee87092a5a7183
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&rdrctExp=true
Date: Tue, 17 Aug 2021 19:29:07 GMT
X-TraceId: badc1feb73ace3c5a22ff16ffa90167a
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3F...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
547 B

159ms
52ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:411
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fm...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

0
222 B

158ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21671

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%...
https://eb2.3lift.com/xuid?mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

49ms
48ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 17 Aug 2021 19:29:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
299 B

9ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

43 B
343 B

66ms
66ms

Image
image/gif

18.196.76.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.76.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-76-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
date: Tue, 17 Aug 2021 19:29:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://ib.adnxs.com/setuid?entity=172&code=NDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

43 B
1 KB

52ms
50ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 19:29:07 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c36ac8d8-5c81-4b1e-8151-9e6971754f6b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 19:29:07 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6001a519-79c6-4394-a37f-6584e5c05dee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNDViYTM0NGQ4ZmFmOGUwMzRhZDE3NzE2M2IwZjJmY2E
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 106ms
104ms Image
image/gif 63.33.54.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.54.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-54-207.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:06 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=45ba344d8faf8e034ad177163b0f2fca
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=45ba344d8faf8e034ad177163b0f2fca

43 B
180 B

56ms
55ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=45ba344d8faf8e034ad177163b0f2fca
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:07 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=45ba344d8faf8e034ad177163b0f2fca
date: Tue, 17 Aug 2021 19:29:07 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=a0d35647bd27dcab643261bce0bca621-1629228546764&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Funderstanding-smishing-attacks%2F%3Fmkt_tok...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Rbo0TY-vjgNK0XcWOw8vyg
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=Rbo0TY-vjgNK0XcWOw8vyg&google_tc=
https://d.adroll.com/cm/g/in

42 B
536 B

66ms
66ms

Image
image/gif

63.33.54.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/understanding-smishing-attacks/?mkt_tok=NDU3LVhFWS02NzEAAAF-2V-oopsKI-ulNB_G8ewUIkbjU7e97uOtE4VQ3jZu3JQgZzPCZVT8mPP32iTV_lgLgR9JUKO7_5TRYqWlXihJVfXFOpE-Ql7Tk2Qj1RD0C-_B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.54.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-54-207.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:07 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:29:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 183ms
62ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1629228546570-8248e22d&aid=digitalshadows&viewedTypes=&0.00781678573501332&rts=1629228546895

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:29:07 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2 200 8z7ynkcdvg2s.js Show response
js.driftt.com/include/1629228600000/ 214 KB
61 KB 337ms
194ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1629228600000/8z7ynkcdvg2s.js

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/cache/asset-cleanup/js/body-cde415677d8757ebbe633d4ded15924fcded97db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f6fa33fc1844f1583f7d793f2564beddecbe68c6920027846b82dd6900424fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MCE2g3ApAWNbKeBaPuJl9i3p6_QPRflv
content-encoding: gzip
etag: W/"bb5381869db285085ea0846f170f9227"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 15:07:33 GMT
server: nginx
date: Tue, 17 Aug 2021 19:29:11 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5fBsk7mTcwulfRuZatyBCeJihBESApIM3rbS3zV014E2otHzj5FGag==

GET
H2 200 core Show response
js.driftt.com/ Frame 38A9 2 KB
1 KB 175ms
174ms Document
text/html 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1629228600000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0a8983e031a642b41435adedc77e32a7495de254be8d074296f2dc18d2781d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.digitalshadows.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 13 Aug 2021 15:07:26 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1KE3um.sVo8C5eKpMMDeXzb4ff1qTGS1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 17 Aug 2021 19:29:11 GMT
cache-control: no-cache
etag: W/"97feb8c8c4875a1cd603fe9f20895d0a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ffixK_5dPRZtJSM4FJRadxPP4lvZtaT1FYPLnOLbRygybLjem4jQKA==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 4204 2 KB
1 KB 167ms
167ms Document
text/html 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1629228600000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0a8983e031a642b41435adedc77e32a7495de254be8d074296f2dc18d2781d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.digitalshadows.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 13 Aug 2021 15:07:26 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1KE3um.sVo8C5eKpMMDeXzb4ff1qTGS1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 17 Aug 2021 19:29:11 GMT
cache-control: no-cache
etag: W/"97feb8c8c4875a1cd603fe9f20895d0a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WhAqdvud1ROsCTf9DiqSwEKk-BTAZYuEhMrsWz3OWeQ8uJG0C1KqUA==

GET
H2 200 runtime~main.d55596fb.js Show response
js.driftt.com/core/assets/js/ Frame 4204 6 KB
3 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4b337cf48d1a59d20b1bbb8c9e7f28b0f8c97a5fe2dcd3363c76992aaa92e64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:07:25 GMT
content-encoding: gzip
age: 361306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 14:43:54 GMT
server: nginx
etag: W/"8f69e1fb729aa4739fad0a5d7a340d03"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: at81wzdCVteCKFV9opnXqyfW5MPJQ55k
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3culqmbOUJ2-YDemQf_TmHsTCP3dpZUAfBFd6xOMVkGZemB8ZlJarg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 58 KB
20 KB 69ms
69ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 933130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3A99N_7Tioo3QpdFCzYHk2cEDq8AclEMmnf1gQMUpxFzJvLqus0b-Q==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 6 KB
3 KB 72ms
72ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m1IkcSAsRzTqT-7uosInPTVxB4VbtiN9t1qpWnkKMpUZ2VoVrozS4w==

GET
H2 200 runtime~main.d55596fb.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 6 KB
3 KB 69ms
68ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4b337cf48d1a59d20b1bbb8c9e7f28b0f8c97a5fe2dcd3363c76992aaa92e64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:07:25 GMT
content-encoding: gzip
age: 361306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 14:43:54 GMT
server: nginx
etag: W/"8f69e1fb729aa4739fad0a5d7a340d03"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: at81wzdCVteCKFV9opnXqyfW5MPJQ55k
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p1oRd78p3L3hRlw-m1GHYhk1KoeLtCEkzaqGpBN0Ra1jzVZUDzUTbw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 58 KB
20 KB 74ms
73ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 933130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gi_c9W5GNEmrcdRDPrknN7xtU7Dy2vo_nf161ILdfE3Oisuoltr8PA==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 6 KB
3 KB 74ms
74ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ryNT7DuY2WPP_jZzzhN-FwGzVg4hrgjAdPAew1Bv6K6xoYpZNVOTzg==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 44 KB
13 KB 78ms
78ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2781038
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SpuxJmdt8ZQetcsxKTH-QgVrW7Jg633SamQe_Qo-RbxY-LIcEUrY9A==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 44 KB
13 KB 82ms
81ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ee_hlNnocbZEwuL59EbaCPqSTgPgZQ-D_Cflm78nzCXlOZEyaCslTw==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 25 KB
8 KB 84ms
83ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: byMeum6CK_oQdj7crVxsOm_Asfu_TYguwAmYmTN1EcxzvKE23Zb48g==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 16 KB
5 KB 85ms
84ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yJzurBF3P4QoKVvaddRGTKT2VYQcDNmDaRnQUUKUI6lWW48Aum5alA==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 83 KB
26 KB 89ms
88ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CLaz52gllG1y4Q1zfYH84RkRbGd2nBoghqFDBN9PhlEq1y-x4ZKOsQ==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 59 KB
19 KB 96ms
96ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J4Lkbqysnf2vg9LX5CmiipePNECRRRBf6CigHMBkms8-U8hcgqBcbw==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 91 KB
28 KB 65ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 933131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QTc8DJ8iUh1eHiMGkVFZxLngmyWefgb18IZ0y7bWLNTTXZHzu2LQwA==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 23 KB
7 KB 67ms
67ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fI7OE5O2JYVAtKfCaoJ_RL_QcyD1yx3GabNuTboqXqGFf9dMe-iAIw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 62 KB
19 KB 66ms
66ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Spo9QMlorFTnPsAuACRDigk17XWBm1WrMmJDvKzJD7xgUss0OnFHOw==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 105 KB
34 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5givajxNSSkksUDSS-rZkTtauKhviIRCl_cC2d4PlHmkmAtdGxh45Q==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 12 KB
4 KB 64ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 90VghwgZhNAYSniduaFzAl7OQTkk6tsSBJ_uz5oV6NF9qbVAMsjK5w==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 12 KB
5 KB 65ms
65ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nX3w2c9yL2W1TE-gPb8RYfFBrl7XIsxB4PsnMyzpWpjvxBeQPgJnRQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 17 KB
7 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vOrIP1E52no0oGwvuVDYH4Uu0XTKdYTTFuy8R-zceDRdg4txdCzsew==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 11 KB
3 KB 97ms
97ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 443541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hkxH7Fw_oWV3-d2qp-_-Wja8n3nlYvmWV_of5VG1AGSyRcrBEFVTIw==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 70 KB
21 KB 66ms
66ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JpnsaTg8fEqtXivp4XTWA1U91fU00cJJOTVOVGHs1_zlGwCNesZrdA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 24 B
664 B 96ms
95ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KCvoF7sWfOKWHUGUt8yvunMc1o9b3FeMDcHjfCQnDg4Rc1snooQkSw==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 70 KB
18 KB 63ms
62ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wq0wvB93FNPLfYYEyJeEFc5EoArt2PFqKp6kSXZmMqQfqcH3N3Yf_g==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 43 KB
12 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fqzY0_cnNbqGUDdp5KxwCXEaCYiCbC70AFmsLt-PlP9q7zB-rxx6GA==

GET
H2 200 13.a73a51b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 37 KB
12 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a73a51b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5d46bd1ca592faf307a18106f751c6bd14e68071a6922c231ef03302ba330322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:07:25 GMT
content-encoding: gzip
age: 361307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 14:43:51 GMT
server: nginx
etag: W/"7782ac54ff10345a70a89cc318ffd191"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5V8k8PHBBQxWmVGd49V5L3w1__CYkire
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6nRGVno473mZPb_046p6t1Npb1LzRiC47AhiCJHFd6wqHJEAb9ejNQ==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 44 KB
13 KB 91ms
90ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2781038
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eW2fro2RH2WGl5aC67GFZ27i_lf-FtS0pq4JzPo5E2lO5eL-F_pxVw==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 44 KB
13 KB 93ms
92ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OtfNPQCcEWCN9fiCtuo59VIbEcIk0T2-Bn7QxusfQdXt2GWIzWUv-g==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 25 KB
8 KB 95ms
94ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mxOP2WFAkf0iBCIbsQyejivbAx9j7Jkiq80UYTyD4zpkRG99tdmjfg==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 16 KB
5 KB 95ms
94ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7wMLLprOPqTAkTlmV-cRwZ4O84kk4hUBtGmQK4y30kDuyh29aL0U4w==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 83 KB
26 KB 100ms
99ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y0eDdIBhS1tJz_ABAaLzSHoJySKRceltk5jLxh5sHQe3sOIKctF4ZA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 59 KB
19 KB 107ms
106ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EA3v1IhcOsT6a_i62C3zq46dbbOu27GRYxtl5LDQdJYk3zDqycoAlA==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 91 KB
28 KB 65ms
65ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 933131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nWQQNvDX6iWOWSx8inFGB8rXS_EZhLCKOjOpFulJIPoVUX5iIaBgzA==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 23 KB
7 KB 67ms
67ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0zDeJ-mKyaII53sstrFIM4VD8lYPSukPDE_ffygsfk1n8M6ZZ1RAkA==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 62 KB
19 KB 63ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hrzgw5O_bcvOu8zXa8PAiH3nZBuWE3ibSE1eHSGEB_DH0cWQhfQQ_g==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 105 KB
34 KB 63ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 1135932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UCFMYncFio7FVovcCxohKj3Iq-rNFKwoa7BwdsHAPbj1oLn2WiwoRw==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 12 KB
4 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QlxfzGIybopOIUrLA6Qy4cMVz9H06v7frKMqOD4U0cK5FOZeRrojLQ==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 12 KB
5 KB 64ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wvdeJuAKf4ti-POBtwzdsDm5SCFqbHWvw1FGMmW6TPUPpHTlRU-yFA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 17 KB
7 KB 65ms
65ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Imfo3czntJVboY99zNVMmPU4-kO6Z-Nl2N8V3wti3y5XDVwE3I5fWw==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame 38A9 11 KB
3 KB 107ms
107ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 443541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xDuonLKEQHpAKdbpCvI1qv8K-6XSPhog0C8U0cssKH3f4q1kLi6pLw==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 70 KB
21 KB 66ms
66ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GGCrlb0APJS6vN0BhBKHkGgUPOWEvIF2oeZumZQZV63Ttb4DsteZHg==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 38A9 24 B
664 B 107ms
107ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age: 950213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yGy1hjrxH3YrnjbtaD08oFbtpkQ0TsU7K8A6sqPq6ePjtd-udR3HlA==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 70 KB
18 KB 64ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8aE_KbF1ycZ4bzsAgMRwsccdYG_e8DhrG8317XznRgnB1R3BZzCpsQ==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 43 KB
12 KB 68ms
67ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 441740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GAw7fjAHE8_9kvB2vbcLWt0T61_wWPZ0pI3Sls7B3GV6ikUPwL4Kew==

GET
H2 200 13.a73a51b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 37 KB
12 KB 68ms
67ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a73a51b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5d46bd1ca592faf307a18106f751c6bd14e68071a6922c231ef03302ba330322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:07:25 GMT
content-encoding: gzip
age: 361307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 14:43:51 GMT
server: nginx
etag: W/"7782ac54ff10345a70a89cc318ffd191"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5V8k8PHBBQxWmVGd49V5L3w1__CYkire
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VWS_KVb1Qmed5AmLZvWBn6vsS4ri1foi7UbP8Ypx14dS1jzDDhNQPw==

POST
H/1.1 429
Too Many Requests / Show response
sentry.io/api/1485028/envelope/ Frame 4204 3 B
210 B 630ms
156ms Fetch
text/plain 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 15.42.188.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 17 Aug 2021 19:29:12 GMT
Server: nginx
Connection: keep-alive
ETag: "60e405a0-3"
Content-Length: 3
Content-Type: text/plain

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 6 KB
1 KB 64ms
63ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 4247965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tjIYR0IB-x2xO-k5YKHUXZ6qTwqkdH41NeohxsD8GI55WcKOA4MFkg==

GET
H2 200 30.5070bbde.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 2 KB
2 KB 64ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5070bbde.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CFPUVjYb649i3kVl6K_oER41eqaej1oX
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rkPP3b2Bqh9LWhQFTUegkIvMxQSNA1r9UqhXw-kzTmJixuhdv_yLxw==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame 38A9 2 B
403 B 631ms
157ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 17 Aug 2021 19:29:12 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 44 KB
13 KB 65ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7TgEocsNTUyqtvAMfmAhBAaJWnrpVQx
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 35HwxUG364ouJQQOyXfAxMaTNVKZH86OzUplELqvGzLJWrONA-SMLQ==

GET
H2 200 19.4751f621.chunk.css
js.driftt.com/core/assets/css/ Frame 38A9 8 KB
2 KB 66ms
65ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.4751f621.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:58 GMT
server: nginx
etag: W/"029a883905ad20930f71f89ac0560a17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N8v6pXkvkC2.KU.VFYkzepuu6NKNvxQ0
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a82c9n6ovmLem9rM3OdbhMGQW9PFjxCjXIFGPMHD0ZZT9_59wT_ctQ==

GET
H2 200 19.bf146149.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 15 KB
6 KB 66ms
65ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bf146149.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"a1a0554918be1e889111d5b344851906"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WR7M3EbElNylsRkJC8hO7jHISaf37erg
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 50I56Uq85taFkbuQ4wKcu4nArAmY2a7f4bNtD5MkwU_RnzKa4_ECvQ==

GET
H2 200 26.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 38A9 365 B
1007 B 66ms
66ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _znxfoUn6UUBgSii2qRzwRRP.d4zXKBH
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rfnqDp0Jj3rWMKxvndJzGqJoIbsjsV43S-0L_2cY_PHhdgD1BJvNfA==

GET
H2 200 26.13a86265.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 77 KB
21 KB 69ms
68ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.13a86265.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

debc45b48cab924d279e5e3211166cad98e435122537ae8218d8e94cf87d65ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:07:25 GMT
content-encoding: gzip
age: 361307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 14:43:51 GMT
server: nginx
etag: W/"086ea0488ef9590bb73e9bbc133d9bb6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NhZ5eLef_.0JizZzl3xwQiONfIOzaA74
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BdQgX4tOm3WU3-2MwtbmnI4kccvdEW4b6EAH8RomI5gctLNzh0cTbg==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 7 KB
2 KB 63ms
62ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 3541471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hmB9CAeURKuDNAsSE420wv8g-P7THdT9IKScCNSw4iX4SMm1LKzALA==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 54 KB
16 KB 63ms
63ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 1135931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 66jDBoWegF7WNBboIsR54HRQX3y7iW1SUWyF7jVGN9Zs4FEObUDCzA==

GET
H2 200 0.d96f2542.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 39 KB
7 KB 64ms
63ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.d96f2542.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 443542
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"b4f7fd91fa3ccd73aeb2688b17c6fa11"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4QsbYDsOr2gMh8AzBgSQJycdf_cNiy5V
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fp7_9Z7GmM36J7Mf52TUGskhJyjHDY5-61DgEq_CtdEwuzZ1QO7eQQ==

GET
H2 200 0.bdaa0679.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 59 KB
20 KB 65ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.bdaa0679.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 429853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:10 GMT
server: nginx
etag: W/"6817cb0c6c41290178722ca6506410d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7KD2hJe0ZUOHvn.nPtI.kSYE0PBYQyco
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g_wnTaLErGL5pEJykhX5ef9-F-TBwr3HuKy1YLJrDnl87iS9czbsOw==

GET
H2 200 28.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame 4204 11 KB
2 KB 65ms
65ms Stylesheet
text/css 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: s7EnEI9BxpvdcrCDALBwrAEOxiEZt_Ad
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O8Rd8-q6m6XVsPskVegD1Ck-lJD2kX6TehCSnJq9Vg28X1HtOklqPg==

GET
H2 200 28.8afe478b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 11 KB
5 KB 65ms
65ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.8afe478b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 950214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"09e18c7798d522e01840d4f263591af0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: etkYcrBQlfN8U2IMxEHm6.hSYLgOyCP4
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eB_pRetrfCvUHrOMWqx3jlu0ipeeOXHJxETyCKinaTfyzjbGADZ9zQ==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 417ms
140ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift4014274477fba40cb010027c9c0
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 38A9 25 B
123 B 152ms
151ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:12 GMT
server: istio-envoy
requestid: 65b8690294acdd63
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 38A9 103 B
199 B 137ms
136ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

29644f74f320bde3a6e3a7f8902ff883f7e791ed509409f2be0390f1ea8156b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:12 GMT
server: istio-envoy
requestid: e2d6cb3cabe2aaaf
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 405ms
137ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift01e5d14409fbf4433040101f200
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame 38A9 4 KB
752 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.a73a51b1.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 17:45:32 GMT
server: ESF
date: Tue, 17 Aug 2021 19:29:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Aug 2021 19:29:12 GMT

GET
H2 200 8z7ynkcdvg2s.json Show response
embeds.driftcdn.com/embeds/ Frame 38A9 73 KB
14 KB 578ms
449ms XHR
application/json 13.224.196.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/8z7ynkcdvg2s.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-91.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe7911e2ab9cf5a71d3310b1704a8d0f6f05a240cf559f0f02c73170e3237fe2

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 16:23:03 GMT
server: AmazonS3
etag: W/"cbecf30fd6fe344b99394a726e1f80a4"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: vxMjFR0T7S-vmOb87TxHosJOxlfovxQQuQhtoNch7wtlXbmZpNgjkg==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 38A9 5 KB
2 KB 516ms
516ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8812c5eb6d94750340a38775c7c4b1efdc621e766f3679baac74f204c768f3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Aug 2021 19:29:13 GMT
content-encoding: gzip
server: istio-envoy
requestid: cc89f112fe617904
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 378
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2029
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 8z7ynkcdvg2s Show response
targeting.api.drift.com/hours/availability/combined/ Frame 38A9 60 B
124 B 1136ms
1134ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/8z7ynkcdvg2s

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

152ddd4f89c6ca3c33dc5f07ad3957ec7793b980cae7aec6a919607cd44b2284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAwODY0NzgyMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNDMyMzUiLCJleHAiOjE2NjA3NjQ1NTMsImlhdCI6MTYyOTIyODU1M30.QvTQC8GfQNVeTML-H3YYZVPMWm-2BCWcuHjr5xGBtuq05Mlj6TkZMomArVV2EjmyDlx9cm3hNkypWr8275FH3w

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
server: istio-envoy
requestid: a1fed2f00709d997
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 997
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 60
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 8z7ynkcdvg2s
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 138ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/8z7ynkcdvg2s

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift547f16743adbeb23ea8fc3e3bff
content-length: 18
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame 38A9 805 B
1 KB 129ms
129ms XHR
application/json 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

95831998b7f3ae325cf6693b486a5bf528ebb0eac99d453aea6db5bfd8de436d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAwODY0NzgyMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNDMyMzUiLCJleHAiOjE2NjA3NjQ1NTMsImlhdCI6MTYyOTIyODU1M30.QvTQC8GfQNVeTML-H3YYZVPMWm-2BCWcuHjr5xGBtuq05Mlj6TkZMomArVV2EjmyDlx9cm3hNkypWr8275FH3w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
requestid: 9b7d6f184e906b80
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 805

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 420ms
129ms Preflight
text/plain 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift2b34f2f47a7875f6439e7447ceb

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38A9 17 KB
6 KB 64ms
64ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&region=US&forceShow=false&skipCampaigns=false&sessionId=dc8bf0d8-04e1-4294-8bcf-fccdf0f469d5&sessionStarted=1629228551.633&campaignRefreshToken=ed1f37d2-1606-4bf1-a85f-e6875c98491b&hideController=false&pageLoadStartTime=1629228545951&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3550267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Eof2hexbGbuIKrNf1hFDeE-A1nJAIKgbTgp2VKsUG6f89Klz3tkQPA==

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 4204 17 KB
6 KB 62ms
62ms Script
application/javascript 13.224.196.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d55596fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-41.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1629228545951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3550267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UCathS6JiQ7hTFFMrLpwAVhQFmQVa8wWNMnQv5xrabiJ6jU0LD5kWw==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 4204 4 KB
633 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.a73a51b1.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 19:29:14 GMT
server: ESF
date: Tue, 17 Aug 2021 19:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Aug 2021 19:29:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4204 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 90170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:26:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4204 15 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 26953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:00:01 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 38A9 25 B
83 B 154ms
154ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAwODY0NzgyMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNDMyMzUiLCJleHAiOjE2NjA3NjQ1NTMsImlhdCI6MTYyOTIyODU1M30.QvTQC8GfQNVeTML-H3YYZVPMWm-2BCWcuHjr5xGBtuq05Mlj6TkZMomArVV2EjmyDlx9cm3hNkypWr8275FH3w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
server: istio-envoy
requestid: 272a41f22a8fad1d
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 136ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:14 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifte35cbf6475ca51d176e20da003f
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 38A9 1 KB
525 B 138ms
138ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

9705becb46210482013cb2ead2c4f8457910a39cb06eb86f663ee1121f985894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAwODY0NzgyMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNDMyMzUiLCJleHAiOjE2NjA3NjQ1NTMsImlhdCI6MTYyOTIyODU1M30.QvTQC8GfQNVeTML-H3YYZVPMWm-2BCWcuHjr5xGBtuq05Mlj6TkZMomArVV2EjmyDlx9cm3hNkypWr8275FH3w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:15 GMT
content-encoding: gzip
server: istio-envoy
requestid: 42a08a7b5407ef85
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 457
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 137ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift88cc27c47e698b6d2e06f2a5b0a
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST admin-ajax.php
corpweb.prod.ds.local/wp-admin/ 0
0

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 38A9 25 B
84 B 136ms
136ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAwODY0NzgyMiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNDMyMzUiLCJleHAiOjE2NjA3NjQ1NTMsImlhdCI6MTYyOTIyODU1M30.QvTQC8GfQNVeTML-H3YYZVPMWm-2BCWcuHjr5xGBtuq05Mlj6TkZMomArVV2EjmyDlx9cm3hNkypWr8275FH3w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Aug 2021 19:29:17 GMT
server: istio-envoy
requestid: 845be3b69787fc1e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 136ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 17 Aug 2021 19:29:17 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift4b6de1a495185f615d65afdc5e5
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: corpweb.prod.ds.local
URL: https://corpweb.prod.ds.local/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 520.2999954223633 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-THuPtUY+JLtvzF+RhOOJlVASlLbn1kExPI1BwC+j06I=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
bootstrap.api.drift.com
cm.g.doubleclick.net
corpweb.prod.ds.local
cs.choozle.com
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
ipapi.co
js.driftt.com
lonrtp1-cdn.marketo.com
lonrtp1.marketo.com
mailer.digitalshadows.com
match.adsrvr.org
metrics.api.drift.com
munchkin.marketo.net
nexus.ensighten.com
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
rtp-static.marketo.com
s.adroll.com
sentry.io
simage2.pubmatic.com
snap.licdn.com
stats.g.doubleclick.net
sync.mathtag.com
sync.outbrain.com
sync.taboola.com
tags.bluekai.com
targeting.api.drift.com
us-u.openx.net
use.typekit.net
www.digitalshadows.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
corpweb.prod.ds.local
104.111.215.191
104.111.216.226
104.111.234.67
104.17.73.206
108.174.10.14
13.224.196.41
13.224.196.91
141.226.228.48
142.250.184.194
162.13.202.201
18.184.95.242
18.196.76.242
18.197.253.20
185.29.132.241
185.64.189.110
2.18.234.21
2600:9000:21f3:9e00:9:91af:d140:93a1
2606:4700:20::681a:82c
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1288:80:800::7001
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:803::2008
2a00:1450:4001:809::200a
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9a
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:baab
34.234.150.139
34.98.64.218
35.188.42.15
35.244.174.68
37.252.173.38
50.16.7.188
54.225.93.124
54.73.110.124
63.33.54.207
64.202.112.63
69.173.144.165
76.223.111.131
76.223.111.18
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
0882129e426a067f2e9880622f3ea5b9053d667d9fa4ac4aadc7f181819d66bf
0a8983e031a642b41435adedc77e32a7495de254be8d074296f2dc18d2781d46
0d3b756491fc9e76c2bffd856ce0cbd0e5b290daec2578c66f4b64bf485777cd
0e599593de0c6e9970308b73ee132398a6574324c5b1e91205d657a213669867
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c
152ddd4f89c6ca3c33dc5f07ad3957ec7793b980cae7aec6a919607cd44b2284
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d692f45f83761efc989e280fa440bd5a4f6e493cf7c0c40229728b3594aae95
222f47a5e4e424714c9f9198001e343610ab1616ac4c7f585c85ab70ff616e1a
2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d
260c5125f4cba0ac68c89ddde072ebc7cfbc100bdb7466efedc4acbbb0a76ba9
267bd619de3ebf2118926fb75d91805ad2d08c7f7553ccb6344c348c659b477c
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
29644f74f320bde3a6e3a7f8902ff883f7e791ed509409f2be0390f1ea8156b1
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
374be07315aca8f5bffc3a07dd2cf4a3adb59c50ece78dc3230b3fac209c181f
3a95238ead9ee13b212ebd7f60e8909ad6e81a1e7a386f50c2ebd378f9f9c9d8
3e9d13bafa23be66a00cb84fffa901a05b3bf94e832ec3fc927216e4dee74470
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7
490a471eb1956df4e31c8cb7d9e0d0d3062bd51e8a60b8f26b63cb7b50103501
4b337cf48d1a59d20b1bbb8c9e7f28b0f8c97a5fe2dcd3363c76992aaa92e64c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4849329855f04b847b923fc72de03af0d9ab0c7d38e6dee9e92d84f5d33d6b
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5d46bd1ca592faf307a18106f751c6bd14e68071a6922c231ef03302ba330322
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe
6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70
71268763a3396c2ab4b56f604265775da1a7b6e0f155abe5d6c19357c6a439d7
74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f
78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85eda7dbd842798f57f4e31d53fa4af060efc7de91531de1b567dd14742d8cb0
8812c5eb6d94750340a38775c7c4b1efdc621e766f3679baac74f204c768f3ab
89363313b6a176df6776e3201ceb0cb88e007e9d679af05295e4978382b909b5
8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
95831998b7f3ae325cf6693b486a5bf528ebb0eac99d453aea6db5bfd8de436d
9705becb46210482013cb2ead2c4f8457910a39cb06eb86f663ee1121f985894
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9ad463f6431a140ca68467f83a580a6f856ed6842033d7cc2745dc758d4385bf
9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad
a03b6b1ded84bb5ecbf3596c59445ae86a1e500c103542ae1f560a8539972af2
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a43534ed5185c9118b4f08536062eab774cbdf95e39a9daf4d2798686f339a1e
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bafc5c95b511cfa556c18a946aea0b7c52691d80b311c26d11a1a110e19c0f59
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c04b8d937f8fae8ee529150c99e9994b2791022d6c9e2749aa47510668474042
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc8d80a0b5aa5fee961be81e0904bb808096b1682c9d6a25274f0050be46a06f
cf6eac849a3f90d66b855f66b7d76259c12c153d4491ffa37cff58085dd2f4f7
cfd05e463ed81dea01ebc89be35ef52ac48149fe7f04d74178d6c24defcf0be3
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e
d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debc45b48cab924d279e5e3211166cad98e435122537ae8218d8e94cf87d65ce
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e91702114615d08c84ca195be675d70366b0e49ce0a6111226fcd4af43adf1b1
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed6f5f1b4824511de4da4fc92704af90a93027aaeeeed6723d6f192c70f63ea9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6fa33fc1844f1583f7d793f2564beddecbe68c6920027846b82dd6900424fbd
f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f977f83c04d507e3653f917bb084f86ce1a7c2166853d2f140f84e6aa183118a
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848
fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808
fe7911e2ab9cf5a71d3310b1704a8d0f6f05a240cf559f0f02c73170e3237fe2
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.digitalshadows.com Open in urlscan Pro 2600:9000:21f3:9e00:9:91af:d140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

96 %HTTPS

37 %IPv6

38 Domains

49 Subdomains

39 IPs

6 Countries

2982 kBTransfer

5897 kBSize

0 Cookies

24 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.digitalshadows.com Open in urlscan Pro
2600:9000:21f3:9e00:9:91af:d140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

96 %
HTTPS

37 %
IPv6

38
Domains

49
Subdomains

39
IPs

6
Countries

2982 kB
Transfer

5897 kB
Size

0
Cookies

156 HTTP transactions
-1 data transactions