urlscan.io logo urlscan.io
SecurityTrails logo

spycloud.com Open in urlscan Pro
2606:4700:10::6816:2eea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://itcuratedbriefsolutions.com/dcbl-spycloud-pilot-campaign-two-touch-email-nurture-dc13296/8367?uid=FZzGVZ3uBZaW16JrueT2EvyCJk...
Effective URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Submission: On July 01 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 6 countries across 47 domains to perform 223 HTTP transactions. The main IP is 2606:4700:10::6816:2eea, located in United States and belongs to CLOUDFLARENET, US. The main domain is spycloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time spycloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.73.113.112 14618 (AMAZON-AES)
53 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 151.101.66.133 54113 (FASTLY)
1 54.86.117.43 14618 (AMAZON-AES)
1 52.6.75.166 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 151.101.13.140 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.9.64 33438 (HIGHWINDS2)
3 65.9.77.41 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
68 65.9.77.7 16509 (AMAZON-02)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.54.130.201 14618 (AMAZON-AES)
14 17 3.248.28.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 13.248.242.197 16509 (AMAZON-02)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.59.28.101 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 64.202.112.159 23352 (SERVERCEN...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 52.58.194.104 16509 (AMAZON-02)
1 2 35.158.179.12 16509 (AMAZON-02)
1 2 37.252.172.45 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
2 2 142.250.186.162 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 54.147.21.139 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.77.61 16509 (AMAZON-02)
2 18.211.164.153 14618 (AMAZON-AES)
223 55
1    184.73.113.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
itcuratedbriefsolutions.com
53    2606:4700:10::6816:2eea (United States)

ASN13335 (CLOUDFLARENET, US)
spycloud.com
7    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
1    2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
3    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
embed-fastly.wistia.com
1    54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com
distillery.wistia.com
1    52.6.75.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-75-166.compute-1.amazonaws.com
pipedream.wistia.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
1    2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    23.111.9.64 (United States)

ASN33438 (HIGHWINDS2, US)
scout-cdn.salesloft.com
3    65.9.77.41 (United States)

ASN16509 (AMAZON-02, US)
vidassets.terminus.services
1    2606:4700::6812:1abe (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.g2crowd.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a02:26f0:6c00::210:bac8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.adroll.com
68    65.9.77.7 (United States)

ASN16509 (AMAZON-02, US)
js.driftt.com
2    2620:119:50e1:101::6cae:b25 (San Jose, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.54.130.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-130-201.compute-1.amazonaws.com
scout.salesloft.com
17    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    52.59.28.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-28-101.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    52.58.194.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-194-104.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    35.158.179.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-179-12.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
forms.hubspot.com
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
9    54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com
metrics.api.drift.com
bootstrap.api.drift.com
targeting.api.drift.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    65.9.77.61 (United States)

ASN16509 (AMAZON-02, US)
embeds.driftcdn.com
2    18.211.164.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-164-153.compute-1.amazonaws.com
event.api.drift.com
Apex Domain
Subdomains		 Transfer
68 driftt.com
js.driftt.com
730 KB
53 spycloud.com
spycloud.com
626 KB
22 adroll.com
s.adroll.com
d.adroll.com
30 KB
12 wistia.com
fast.wistia.com
embed-fastly.wistia.com
distillery.wistia.com
pipedream.wistia.com
428 KB
11 drift.com
metrics.api.drift.com
bootstrap.api.drift.com
targeting.api.drift.com
event.api.drift.com
4 KB
7 googleapis.com
fonts.googleapis.com
6 KB
6 gstatic.com
fonts.gstatic.com
95 KB
5 google-analytics.com
www.google-analytics.com
ssl.google-analytics.com
37 KB
4 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
2 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 crazyegg.com
script.crazyegg.com
25 KB
3 facebook.com
www.facebook.com
400 B
3 facebook.net
connect.facebook.net
173 KB
3 terminus.services
vidassets.terminus.services
4 KB
3 salesloft.com
scout-cdn.salesloft.com
scout.salesloft.com
4 KB
2 hubspot.com
track.hubspot.com
forms.hubspot.com
2 KB
2 openx.net
us-u.openx.net
478 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
869 B
2 3lift.com
eb2.3lift.com
740 B
2 outbrain.com
sync.outbrain.com
832 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 adsrvr.org
match.adsrvr.org
1015 B
2 google.de
www.google.de
171 B
2 google.com
www.google.com
171 B
2 googletagmanager.com
www.googletagmanager.com
91 KB
1 driftcdn.com
embeds.driftcdn.com
8 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 hubapi.com
api.hubapi.com
964 B
1 taboola.com
sync.taboola.com
248 B
1 yahoo.com
ads.yahoo.com
445 B
1 pubmatic.com
simage2.pubmatic.com
548 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 advertising.com
pixel.advertising.com
125 B
1 hs-banner.com
js.hs-banner.com
15 KB
1 hsleadflows.net
js.hsleadflows.net
80 KB
1 hsadspixel.net
js.hsadspixel.net
3 KB
1 hs-analytics.net
js.hs-analytics.net
19 KB
1 reddit.com
alb.reddit.com
125 B
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 g2crowd.com
tracking.g2crowd.com
1 KB
1 hs-scripts.com
js.hs-scripts.com
979 B
1 redditstatic.com
www.redditstatic.com
6 KB
1 licdn.com
snap.licdn.com
2 KB
1 ipapi.co
ipapi.co
913 B
1 cloudflare.com
cdnjs.cloudflare.com
28 KB
1 itcuratedbriefsolutions.com
itcuratedbriefsolutions.com
440 B
223 47
Domain Requested by
68 js.driftt.com spycloud.com
js.driftt.com
53 spycloud.com spycloud.com
16 d.adroll.com 13 redirects
7 fast.wistia.com spycloud.com
fast.wistia.com
7 fonts.googleapis.com spycloud.com
js.driftt.com
6 s.adroll.com 1 redirects www.googletagmanager.com
s.adroll.com
d.adroll.com
6 fonts.gstatic.com fonts.googleapis.com
4 metrics.api.drift.com js.driftt.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
3 bootstrap.api.drift.com js.driftt.com
3 www.facebook.com connect.facebook.net
3 connect.facebook.net spycloud.com
connect.facebook.net
3 vidassets.terminus.services www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 embed-fastly.wistia.com fast.wistia.com
2 event.api.drift.com js.driftt.com
2 targeting.api.drift.com js.driftt.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 match.adsrvr.org 2 redirects
2 www.google.de
2 www.google.com
2 scout.salesloft.com scout-cdn.salesloft.com
2 px.ads.linkedin.com 2 redirects
2 ssl.google-analytics.com spycloud.com
2 www.googletagmanager.com spycloud.com
js.hsadspixel.net
1 embeds.driftcdn.com js.driftt.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 forms.hubspot.com js.hsleadflows.net
1 api.hubapi.com js.hsadspixel.net
1 track.hubspot.com
1 sync.taboola.com
1 ads.yahoo.com
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 pixel.advertising.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 alb.reddit.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.adroll.mgr.consensu.org 1 redirects
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 tracking.g2crowd.com spycloud.com
1 scout-cdn.salesloft.com spycloud.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 pipedream.wistia.com fast.wistia.com
1 distillery.wistia.com fast.wistia.com
1 ipapi.co cdnjs.cloudflare.com
1 cdnjs.cloudflare.com spycloud.com
1 itcuratedbriefsolutions.com 1 redirects
223 61
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-07 -
2021-08-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
embed-fastly.wistia.com
R3		 2021-05-27 -
2021-08-25		 3 months crt.sh
*.wistia.com
Amazon		 2021-04-01 -
2022-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-23 -
2021-11-18		 6 months crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-10 -
2022-04-09		 a year crt.sh
*.terminus.services
Amazon		 2020-12-16 -
2022-01-14		 a year crt.sh
*.g2crowd.com
Sectigo ECC Domain Validation Secure Server CA		 2020-08-30 -
2021-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
adroll.com
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
drift.com
Amazon		 2020-09-21 -
2021-10-23		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
adroll.mgr.consensu.org
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-14 -
2021-09-06		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-23 -
2021-11-18		 6 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-06-16 -
2021-07-28		 a month crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.driftcdn.com
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://spycloud.com/thank-you-keylogger-malware-webinar/
Frame ID: 80BC8EC594A40D424835FAC50D6EB91D
Requests: 141 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Frame ID: C59E50846B4585AE6909B3B1662399BE
Requests: 39 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Frame ID: BF2E1C97C5A325AC1A8F7A95B02AFF25
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://itcuratedbriefsolutions.com/dcbl-spycloud-pilot-campaign-two-touch-email-nurture-dc13296/8367?uid=FZzGVZ... HTTP 302
    https://spycloud.com/thank-you-keylogger-malware-webinar/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

223
Requests

100 %
HTTPS

54 %
IPv6

47
Domains

61
Subdomains

55
IPs

6
Countries

2434 kB
Transfer

7989 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://itcuratedbriefsolutions.com/dcbl-spycloud-pilot-campaign-two-touch-email-nurture-dc13296/8367?uid=FZzGVZ3uBZaW16JrueT2EvyCJk2knnm&prom_type=nurturing&prom_id=4193&pld=26L81sNgpwNGg5 HTTP 302
    https://spycloud.com/thank-you-keylogger-malware-webinar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1559690%26time%3D1625107639030%26url%3Dhttps%253A%252F%252Fspycloud.com%252Fthank-you-keylogger-malware-webinar%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true&e_ipv6=AQKitpwg1QU5mgAAAXpf9qzxoPNEStaFUkT3_P3TjR0_Qpf7ZCUYR9uOfh1kHOUPhCJ9yedM
Request Chain 95
  • https://s.adroll.com/j/exp/RKDO7VUK5BB37LG565TIKM/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 97
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/RKDO7VUK5BB37LG565TIKM?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/RKDO7VUK5BB37LG565TIKM/?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2
Request Chain 103
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092 HTTP 302
  • https://vidassets.terminus.services/s.gif?d=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092&t=7ed77b91-9d65-4f95-bc1f-1ddaec939207
Request Chain 106
  • https://d.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&pv=63949533105.20526&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/JREF6ZCBPJF5ZCS3S2TGD6.js
Request Chain 115
  • https://d.adroll.com/cm/aol/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 116
  • https://d.adroll.com/cm/index/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639&C=1
Request Chain 117
  • https://d.adroll.com/cm/n/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expires=365
Request Chain 118
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&rdrctExp=true
Request Chain 119
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 120
  • https://d.adroll.com/cm/r/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 121
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Request Chain 122
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 123
  • https://d.adroll.com/cm/b/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Request Chain 124
  • https://d.adroll.com/cm/x/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Request Chain 126
  • https://d.adroll.com/cm/o/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=20ac7692c43d7da932a2d835500f0b4a HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=20ac7692c43d7da932a2d835500f0b4a
Request Chain 127
  • https://d.adroll.com/cm/g/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IKx2ksQ9fakyotg1UA8LSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=IKx2ksQ9fakyotg1UA8LSg&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

223 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
spycloud.com/thank-you-keylogger-malware-webinar/
Redirect Chain
  • https://itcuratedbriefsolutions.com/dcbl-spycloud-pilot-campaign-two-touch-email-nurture-dc13296/8367?uid=FZzGVZ3uBZaW16JrueT2EvyCJk2knnm&prom_type=nurturing&prom_id=4193&pld=26L81sNgpwNGg5
  • https://spycloud.com/thank-you-keylogger-malware-webinar/
96 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ec41b500c827277d054feac7201092140033ddc0801709d2d2b482ae7d225c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
spycloud.com
:scheme
https
:path
/thank-you-keylogger-malware-webinar/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
content-type
text/html
last-modified
Thu, 24 Jun 2021 19:12:13 GMT
x-amz-version-id
7RaDuzvPmN0zDWS5OsskhmidSg3pdz9v
x-cache
Miss from cloudfront
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
P1V02ZYV9gNvf_1HG3oBTfh9b9lh5Ec6TOA1DHHZuRZlvvKmjm_aGA==
cf-cache-status
DYNAMIC
cf-request-id
0b018f9f2c0000c2fedd8bb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
667c4edead42c2fe-FRA
content-encoding
gzip

Redirect headers

Date
Thu, 01 Jul 2021 02:47:09 GMT
Server
Apache/2.4.29 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubdomains
X-Frame-Options
SAMEORIGIN
Connection
keep-alive, Keep-Alive
X-Powered-By
PHP/7.4.16
Location
https://spycloud.com/thank-you-keylogger-malware-webinar/
Cache-Control
no-cache, private
Content-Length
0
Keep-Alive
timeout=5, max=500
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		5 KB
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Exo:300,400,500,700,800&display=swap
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b47d671a4c37574f31b78f66febf0f0d8e6ef94f4ef7083959ab4d33d45cc90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 02:47:10 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:10 GMT
css
fonts.googleapis.com/ 		8 KB
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:49:24 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:10 GMT
css
fonts.googleapis.com/ 		7 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f454fde17fa6bf2c65d4cf5f445bf90ff15a7c3c65c21483d1901c53071d59e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:40:01 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:10 GMT
fontface.css
spycloud.com/wp-content/themes/spycloud/assets/fonts/ 		4 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/fonts/fontface.css
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13decc1c5615b82e35fe2e7b9764158fdfc47953b5ef27f995bb6e467ac91ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/fonts/fontface.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=4882
cf-ray
667c4ee05ea0c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0390000c2fe3813f000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"8bc3c628abca64117ec19e2b978af761"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
nmEgAzFnEfJhNK37GCJLn2fREboZnT74
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
PysjVJKxoiwUNO0L3hI69PTO96ZUKm4oF5vYuL2XHOyZI9P7UBsKww==
cf-bgj
minify
template.css
spycloud.com/wp-content/themes/spycloud/assets/css/ 		169 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/css/template.css
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22aaeed60aebeb623724d8988481d906ccafd99c5ffa5e1923287cbdf3ddd9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/css/template.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=220495
cf-ray
667c4ee05ea1c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0390000c2fe32a91000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"515aa5dcf333c7b32fd094fc272c4be8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
JdEe8CaWBEaVWWYQvoOmauULWVMnCRZh
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
efL18SgD2NrfOBWEHCYO3uJ791R0w0NMFuKVHNaMD5aeI_qb2qh1mw==
cf-bgj
minify
style.min.css
spycloud.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee05ea4c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa03a0000c2fe592cf000000001
last-modified
Thu, 24 Jun 2021 19:13:39 GMT
server
cloudflare
etag
W/"b5d1e2c87b60ce71c3fd90ca27073250"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
TFJn5tTzWYSzj.BGuXf_LfdqV0Q_dFP.
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
y7m2pAkM4vsigfmI3yLZEnRpJGDPOqLom80onE0G6gWFxATp6-ll7w==
styles.css
spycloud.com/wp-content/plugins/contact-form-7/includes/css/ 		1 KB
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3edcd46e69f4bbe85bc3ed9120df6b7d4fe487c01628215c783d6e12adecfa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=1645
cf-ray
667c4ee05ea5c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa03a0000c2fe6aa3d000000001
last-modified
Thu, 24 Jun 2021 19:12:16 GMT
server
cloudflare
etag
W/"e029929a3396d833554ec4e31a7afb2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
mJtvv4apWkUu2bbcbV57daqtIyu2XK9l
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
_knEHEWBhibTe1cHZOWG_6_YfyRNLeJKR55zNzs8acakS8oJbUk16w==
cf-bgj
minify
cookie-law-info-public.css
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=3967
cf-ray
667c4ee05ea6c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa03c0000c2fe60918000000001
last-modified
Thu, 24 Jun 2021 19:12:28 GMT
server
cloudflare
etag
W/"93eaf136daecb1bc47a2bd32ca924cee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
7Kpu0EwLfGRqiwJGQ0Gs9GAMpKl.Os1O
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
BUOP0vQXsIGtMBu2fRK-UFphXNe3ZxJ16hH6thexv2NFUK3gHbvl9w==
cf-bgj
minify
cookie-law-info-gdpr.css
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbc099826baec7ed7c060cae18f6f3fcadc241b96e3a6ad675b4c4ee3e7e046
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=21962
cf-ray
667c4ee06ea9c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa03c0000c2fe1d192000000001
last-modified
Thu, 24 Jun 2021 19:12:28 GMT
server
cloudflare
etag
W/"c5150a570c713c386570126cc74df3fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ESdrGCR9Lb9S7BxGjH_mMkY7WWQUZ6Aj
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
6miYWGnwE3L05fQMQws9fVfxysr8OeRCkxVzcXUHbZhwTLSNarE7aw==
cf-bgj
minify
dashicons.min.css
spycloud.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/css/dashicons.min.css?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06eabc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0400000c2fe6382a000000001
last-modified
Thu, 24 Jun 2021 19:13:39 GMT
server
cloudflare
etag
W/"d68d6bf519169d86e155bad0bed833f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
pttg2uNYUt7S8GWQmp_tKlEbnlq7YINb
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
FQd-1wm4zSrP9o2Hfc9b_Bq6AK_rhvO4IfqmA_suNxbCQYcEsnOSIQ==
font-awesome.min.css
spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06eacc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa03d0000c2fe5c10c000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
1u5w31QsYRRdniJOrK9poerSX.seekIP
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
tGi-I2DJ0mWfzebws3EAzJRZR9OeAjAJLjloPkTc1ieBFjMcHxRxIw==
icofont.min.css
spycloud.com/wp-content/plugins/wp-megamenu/assets/icofont/ 		90 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/icofont/icofont.min.css?ver=1.0.1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/assets/icofont/icofont.min.css?ver=1.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06eadc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0480000c2fe5b912000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"bc3386881ee767bbb22f98017933f769"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
1B.IfzElFoK92J.tymqBTgBpdtHsqINx
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
05N5Q2Tq2YlufXTDveDQHkP8AYPD-aaFgeaHsfAj9WazjWQodD5how==
wpmm.css
spycloud.com/wp-content/plugins/wp-megamenu/assets/css/ 		34 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/css/wpmm.css?ver=1.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0b86be19103a07f740ad9bfdbd1a29ae83b9497e765723b15146fef38fab93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/assets/css/wpmm.css?ver=1.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=42665
cf-ray
667c4ee06ebfc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04e0000c2fe53b10000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"b2cac94a089f1e1dfb2e897182582b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
.iH.h.E9jzP7RCYONyBTmz5GacfAYOPU
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
qyTfYglGjr1H6rJn1ccKgPaAc-OOYWB7kgkha5j_CjqwQWM_-2Pkkw==
cf-bgj
minify
wpmm-featuresbox.css
spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/ 		718 B
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.css?ver=1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f82466637e0dad096b437968aac04ecb23103270477144f8d88d7514eedfd38
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.css?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=868
cf-ray
667c4ee06ec3c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04e0000c2fe17224000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"33f7ac2d842254dc95ac9314ba196aaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
wsr7AHzoZFm875yEVnPCSWjRJsqPWN5l
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
lSZVMPDg_GJxP1fr1M0OxH0OfLRQVDJpmxY-fS_33udR4p9lU3Qr7w==
cf-bgj
minify
wpmm-gridpost.css
spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.css?ver=1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3170dad42fb5331b23acc8f0a8c943f618a4402da80acdb89b76a426c1983737
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.css?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=6642
cf-ray
667c4ee06ec4c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04e0000c2fe3cad0000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"c1dbb330330b32850edd034213da2268"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
1cTFHFvQD_rbLzUvHtORVGs27nVPemeL
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
kaRhAa0r_O3P10lelfc8Wo1JUgJQZfyZfNqP_vata8Ru2V-l5twT7A==
cf-bgj
minify
search-filter.min.css
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdee6a5cee7911ffed204b01e8798ff1ab500d754e0db2ae6be306c3567a37b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ec5c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04f0000c2fe11a3c000000001
last-modified
Thu, 24 Jun 2021 19:12:27 GMT
server
cloudflare
etag
W/"24cdd4f8c69ea55cdcd2abffe80e9e02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
HgHOaURLJ05uHdT9CMYU3Yd4H8wdpuQ0
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
lQbmFW5t3o4zdLyoXX4QeMww0t7YU_tqiZZou0coWTTskdU31Vu90A==
style.css
spycloud.com/wp-content/themes/spycloud/ 		0
254 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/style.css?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ec7c2fe-FRA
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
0
cf-request-id
0b018fa04f0000c2fe0c888000000001
last-modified
Thu, 24 Jun 2021 19:12:45 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Tfzq8CNtYEFtBKl7SpqygQqvK.I4777X
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
uiQ9XfWHkEkUE-Gx0jKGawcSWx_RyIAkc_HwQygRJQbn_mRNCOksKQ==
cf-bgj
minify
style.css
spycloud.com/wp-content/plugins/newsletter/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/newsletter/style.css?ver=6.4.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355e5f895dd35426f038c161603704cce0a9860126cec81cfb0df9e60f76179e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/newsletter/style.css?ver=6.4.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=6344
cf-ray
667c4ee06ec8c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04f0000c2fe750be000000001
last-modified
Thu, 24 Jun 2021 19:12:21 GMT
server
cloudflare
etag
W/"ee015a37901c28b7c6daaf313299fcb1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
PZRtpQCB5AuEsk2lWRZg.AxJCt_zMYn3
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
V5q5CzqQdtCivmPpl5eAkTd8Ya1zhQA3EBz3M8pKES0Wwqqcbw5nbA==
cf-bgj
minify
elementor-icons.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.5.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b139bad4a379071939c14743f6e792e6478cd4493b62ad32012efd59df3259c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.5.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ecac2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa04f0000c2fee084d000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"4ee01eefe0c66e76e74334775dbdee8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Znv.fhwC1YV8FuwFoBm4bnNFV0szf5v_
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
TITaOMNRzn5CO7Kdmzt0wgUw2Jkwxat5qkNsOz7kS7wRhwOUUtHClA==
animations.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/animations/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.8.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.8.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ecbc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0500000c2fe1a00d000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"4601ba55044413706c2022cb6c1c3d05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
HuFbiTfSjZN_.Q2RjWVFU6SBGD7xEpWy
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
g0sXOQteYBzGXiul5Fz-vBwF93PwH6_w8YNXS_hUGe9uhux_Urn1XA==
frontend.min.css
spycloud.com/wp-content/plugins/elementor/assets/css/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.8.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf03320b30ecfa9e97c9983182ca4b6268bb516f02d41b3bb88a75b7f5977e83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.8.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ecdc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0500000c2fe07b81000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"d7cb214b467d3e6e62d5f53fd4d7ec27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
jC17C4CADcZMvFA2zypykEzUjYy9p4Qw
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
yZYOJJY9y-Bbwe8SJEKdFT5OYWSGWzgyvgYiEw6iezu-7Qv8bQDY1w==
frontend.min.css
spycloud.com/wp-content/plugins/elementor-pro/assets/css/ 		187 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.6.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45935c1055d89acd905c34474a19ecdb32491298ad177418c044d28e51e1bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee06ecec2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0500000c2fe2c867000000001
last-modified
Thu, 24 Jun 2021 19:12:17 GMT
server
cloudflare
etag
W/"0dbf8d97c1f44211c3415d34eb024411"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
kPh5Tv71PZARntAAFwgO87bWcnnXFnfF
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
mZ7Id1gKdmadV8rAplcCvLGWDBzZFu42NJvgYcjUlayWTkwFuojaZg==
global.css
spycloud.com/wp-content/uploads/elementor/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/uploads/elementor/css/global.css?ver=1582305479
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00a5d5376385d59df5eeed6ff558a88aa2ab6f925f1e433f620c47d704374ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/elementor/css/global.css?ver=1582305479
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=19231
cf-ray
667c4ee06ecfc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0500000c2fe38140000000001
last-modified
Thu, 24 Jun 2021 19:13:36 GMT
server
cloudflare
etag
W/"7e26241912943cc54bfb94a1070a9489"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
X8JO7ldm2XbVBxoVZ.8bVpKMpk0hm9Is
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
euSFx03GT3dub0uDkYy5m0R6CphgjnbdG0JFP4dXIOLKohgftw5Pcw==
cf-bgj
minify
post-18617.css
spycloud.com/wp-content/uploads/elementor/css/ 		2 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/uploads/elementor/css/post-18617.css?ver=1587739810
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4223aec97638aa5cd8a7768383c49279e11174858336d67871753572d268484b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/elementor/css/post-18617.css?ver=1587739810
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA50-C1
cf-ray
667c4ee08ed0c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0510000c2fe2f8d0000000001
last-modified
Thu, 24 Jun 2021 19:13:37 GMT
server
cloudflare
etag
W/"27220de13a9c1857b33c2eacc1b4ecaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ROeUoylUUoDhBVGT2xQhVjPGrPbkqA86
cache-control
max-age=14400
content-type
text/css
x-amz-cf-id
1AswWRRlSZVwHZx8cTMWOSpVkXNf800GxGwhqOXeO1SsSJ6DczJEiw==
/
spycloud.com/ 		0
0
css
fonts.googleapis.com/ 		9 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A200%2C300%2Cregular%2C500%2C600%2C700&ver=1.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb54321d72896f9db33897fd543c09aec72ea0f39258abfebb3dbf6947288961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 02:10:41 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:10 GMT
css
fonts.googleapis.com/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:47:33 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:10 GMT
jquery.min.js
spycloud.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee08ed4c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0510000c2fe4412b000000001
last-modified
Thu, 24 Jun 2021 19:13:42 GMT
server
cloudflare
etag
W/"b6f7093369a0e8b83703914ce731b13c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
qUFThnjQpm.eQ4Pqe1qnpuASIC1t0zbU
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
JrJzge0fHmGf0Kx7LEhuTOXy32wdxrYqjwvRhYnHcf2SHPkbaOZXNA==
jquery-migrate.min.js
spycloud.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee08ed5c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0520000c2fe60919000000001
last-modified
Thu, 24 Jun 2021 19:13:42 GMT
server
cloudflare
etag
W/"79b4956b7ec478ec10244b5e2d33ac7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
LQWWX3QGVcKfTtkOswL5253pnDXyKuhV
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
hXGWVrYJGjMWcfV0Oh1V_uCgNGmMB34qyd1RHd7z8STUKoR-5RVqPA==
wp-emoji-release.min.js
spycloud.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
1144
cf-ray
667c4ee0ff19c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09a0000c2fe3cad3000000001
last-modified
Thu, 24 Jun 2021 19:13:44 GMT
server
cloudflare
etag
W/"eaa8641bcda2371f4024a71fbb67de3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ytdR1vC9tPOtaFW7Plcjrk7QK_p_GMT6
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
35f4n1B_7kVvTCM7yOY2k_TSALrkD1QVEHyxQug6c5EEqLYpX43Neg==
print.css
spycloud.com/wp-content/themes/spycloud/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/print.css?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/print.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=2574
cf-ray
667c4ee14f4cc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0d00000c2fe020ff000000001
last-modified
Thu, 24 Jun 2021 19:12:45 GMT
server
cloudflare
etag
W/"374837a28a67bfec747ebdddfbc7be5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
nGdEiqr5mYVO6E2Ov69Xia9htKidSi0o
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
tDYhLaXnPIa7sFe7728H2mYBwHvPVj7kgeLoEChjtgJ59R89jAfheQ==
cf-bgj
minify
cookie-law-info-public.js
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4c63359568628ef82a87692160e5bfca23b4951bf5db652a1f92dc9945ad53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee0ff1bc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09b0000c2fe0c88a000000001
last-modified
Thu, 24 Jun 2021 19:12:28 GMT
server
cloudflare
etag
W/"ecccd24a4fbd1bba5afdb61339bd774e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
7mt_ky3hsqCb57dMF_M_FyAD_61LJ3ki
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
W58wZfVnTQ9BkTFtMsgh31Hbv6-Jr4PEYRZl5_DpK8kKYKnL0Q3y2w==
wpmm-featuresbox.js
spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/ 		488 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.js?ver=1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff0e1854fa55be60eda0bdadc46196855405268c7dd0bfa17bbc659f04c1ae6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/addons/wpmm-featuresbox/wpmm-featuresbox.js?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee0ff1cc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09b0000c2fe3fa33000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"54b4fd33a80ff61fb8f5a44f2f31f413"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
7l0.GWl85Z3uc.To5ObKL6Ap3C62LCcu
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
i4U5RhQG8kD8GOacxVDh5hQXUKIBZAcBZznXKWPyACMbUigt_31lmg==
wpmm-gridpost.js
spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.js?ver=1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e770bd9e02e484d6aacb06aa5a10129a2a21082b03e3dadeb283c045f61b33e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/addons/wpmm-gridpost/wpmm-gridpost.js?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee0ff1dc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09c0000c2fee0851000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
W/"252ad7745fbf90bb01472e065a93642d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
u03l.Uusf7BupkNAM54mb.nMbfXzt7s6
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
J2OBBjzBib4BXwJ3vZAlW6e7-b4rXFWRR_YqjGqHQ7sZr74_xqgNdw==
search-filter-build.min.js
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.5.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8611d56d67b7b90bd10267ecc7a63f8d9c9380803dbba9bd35fc60b00312e738
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.5.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee0ff1ec2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09f0000c2fee0852000000001
last-modified
Thu, 24 Jun 2021 19:12:27 GMT
server
cloudflare
etag
W/"9755fa3e2ce739dc30d5660d77c854d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
rTV116VhmB2t.h1lbZjeVFLk5ck5TPIW
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Fy24qZhk6YSUoLujG9PQAFWTlVaNAKQ0yJmHivkqV-z-3jFN2La40g==
chosen.jquery.min.js
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.5.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.5.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee0ff1fc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa09c0000c2fe6a02c000000001
last-modified
Thu, 24 Jun 2021 19:12:27 GMT
server
cloudflare
etag
W/"3e9f1dcb9cc75169765265133fb815a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
5CUhCuPl5pqNv4IXX9dXgw.ON5nMHx3n
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
JgHhXQK2mQPvQDviJUP99WK-VfzCEdoUQ1fRClxDzsrPeeale413Pw==
index.js
spycloud.com/wp-content/themes/spycloud/assets/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/js/index.js?ver=5.7.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec0fb9102bab2564738de8103fb202852eca53ee13e2e3087055981d61ea0d77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/js/index.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee12f3cc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0b70000c2fe72111000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"04b4a23a4412c2cf023ddc4f17230628"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
9mkIuFQ5tqSulDwmkhejCQHMSX5ef.6q
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
l7hUtwpj9JnUKN_UZNXOW3Smaioqj6tfW6Mb9eo-ScsAOkyqSbV5ew==
custom-theme.css
spycloud.com/wp-content/themes/spycloud/assets/css/ 		124 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/css/custom-theme.css
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455eff4abe7ea104b2db349b84466870acec7941833b8390b08979bbfa20f967
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/css/custom-theme.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-polished
origSize=175513
cf-ray
667c4ee17f65c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa0e60000c2fe472d4000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"74d978063e486318187a00ed29e2ae59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
dLFCgy_d4jWQYdEnnK.QSHBTytbrhwNf
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
X06mtwXzsZ4MidnQe0Kg2t2NBFueQejlhE12Dm6kA7_CRMma3cfxow==
cf-bgj
minify
SpyCloud-Logo-Black.svg
spycloud.com/wp-content/uploads/2019/12/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spycloud.com/wp-content/uploads/2019/12/SpyCloud-Logo-Black.svg
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f11164ae8e4f4842249f899ba88b53e69f84a3859ae21c4f69c505b53c53c94
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2019/12/SpyCloud-Logo-Black.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6846
cf-ray
667c4ee22fdac2fe-FRA
x-cache
Hit from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15a0000c2fe5c114000000001
last-modified
Thu, 24 Jun 2021 19:13:00 GMT
server
cloudflare
etag
W/"cf5ec7a069801a461df31efa9a18e97f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
XT7KEmmCPZgfkG3QBewhTHO9Ux6nIgkI
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
image/svg+xml
x-amz-cf-id
SQYQvcJZotCzDYXvyzqqOleyiF4HX7mMWHblBdznRq0mIky4bGjCpw==
rsxq1mn6w7.jsonp
fast.wistia.com/embed/medias/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/rsxq1mn6w7.jsonp
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d124beefbbf540b2a158fe7c7a0209fcfd65242a8aab28802e2e5c4f797712d0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1344
x-request-id
58a47e4d25ba31d50545e21edea23176
x-served-by
cache-dca17721-DCA, cache-fra19156-FRA
x-runtime
0.043262
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1625107633.165210,VS0,VE156
etag
W/"d124beefbbf540b2a158fe7c7a0209fc"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
89
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 0
E-v1.js
fast.wistia.com/assets/external/ 		598 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c02a0dccbd29f12aa4c327743517123bd4831d67ba495aec05a91fe5303df5fb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
content-encoding
br
vary
Accept-Encoding
age
1672
x-cache
HIT, HIT
content-length
115205
x-served-by
cache-dca12923-DCA, cache-fra19156-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Mon, 28 Jun 2021 19:41:52 GMT
x-timer
S1625107633.165195,VS0,VE0
etag
"60da2600-1c205"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 22
swatch
fast.wistia.com/embed/medias/rsxq1mn6w7/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/rsxq1mn6w7/swatch
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd4088e078f8c62569a0dadbc6829c923696a6d3b63c70f3735573a2045fbc14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
access-control-request-method
*
age
0
x-cache
MISS, MISS
content-disposition
inline
content-length
2536
x-served-by
cache-dca12925-DCA, cache-fra19156-FRA
access-control-allow-origin
*, *
x-browser-version
89
last-modified
Fri, 24 Apr 2020 14:48:31 UTC
x-timer
S1625107633.165187,VS0,VE123
strict-transport-security
max-age=0
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control
public, no-cache, max-age=31419310
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://spycloud.com
Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1131681
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27748
cf-request-id
0b018fa10200004dd064262000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wrquRi%2FEMfvfaa3HgmHyCMHau%2FStT0OT2l%2BTEfNTUz%2FBXnCu6UNCOiYPjpQ3hjAzqemqUaUe%2F0tkIHKC11Tu%2B2QbouvlQfL0gbCnsUZ70BavcIGGwpdsonInd0lQqKGe6DMvZD3UtzG5Li0dtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
667c4ee19f0e4dd0-FRA
expires
Tue, 21 Jun 2022 02:47:10 GMT
template-min.js
spycloud.com/wp-content/themes/spycloud/assets/js/ 		205 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/js/template-min.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36e04ba1430ea50d851c08818532a927889957322680957b13771642a10db5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/js/template-min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee1bf91c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1120000c2fe4f9b7000000001
last-modified
Thu, 24 Jun 2021 19:12:45 GMT
server
cloudflare
etag
W/"b8759ed1ee069be5d2d499053693a544"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
xYxKiS3IPyvNkiRiKYz13We6t5rs.7zl
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
zi9K5rsE0vpwLlB7c2swx4hpjEe7ix_blHIigPQDKnr1Ro_RCnumvQ==
custom.js
spycloud.com/wp-content/themes/spycloud/assets/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/js/custom.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7846bb11c3fc4f1e89758b5d34fadfd38c9b4e34ba888510034401beedfd12bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/js/custom.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee1ffb3c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1380000c2fe351ac000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"d00542161af21bbdc3fac0d4983818b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
F9cYeaJhGEp7mn5eLwNUfRzSjNKZ54HL
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
VHG7f5VsqO-arB3esJ68oU7oiOJL5dNG_3z_gFZciAyQCdu-j74W1g==
custom-2.js
spycloud.com/wp-content/themes/spycloud/assets/js/ 		829 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/js/custom-2.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1500c4676a461f3e9467c763aac175f5f97b6f44e6027e5d1af5bd962d1063cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/js/custom-2.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee20fb9c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1440000c2fe4f9b8000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
W/"23bf2d79a5d24b90a4bf9cfbf84dec70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
G2EQ9aXVt5Z36Es0YYzvaiX8vdZNAQRC
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
g7jeL24nRm2LTRJ-po3cwmLuXSWW20RPFgs0BBReByCM8xDOVQ60Kw==
scripts.js
spycloud.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fc9c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1580000c2fee0856000000001
last-modified
Thu, 24 Jun 2021 19:12:16 GMT
server
cloudflare
etag
W/"1534f06aa2b1b721a45372f8238e2461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
A.1_WX6gyf4qNp2vARcvk8oqsU8kIRIv
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Cho4qFGoFrP_meafOCZkA2bxY0XPbHyC4L-SwM5nf7_frrEGJDad_g==
wpmm.js
spycloud.com/wp-content/plugins/wp-megamenu/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/js/wpmm.js?ver=1.3.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa5a336f0d04002197ebc3c79a957c7c28024ca6fbe9f21ad62c27d4a80bed50
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/assets/js/wpmm.js?ver=1.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fcac2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1580000c2fe750c5000000001
last-modified
Thu, 24 Jun 2021 19:12:37 GMT
server
cloudflare
etag
W/"5da9b03ccc41716a12d318317d679c24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
EAQZWeBfvvf5FOVH_KlLHV4FAwMMyuF2
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
n9BTPZmpE3ktBSht3zJ99_A2So4oXnF2IUoDyreoQXioZOQj4JRHrA==
core.min.js
spycloud.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fcbc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1580000c2fe2c86e000000001
last-modified
Thu, 24 Jun 2021 19:13:42 GMT
server
cloudflare
etag
W/"49fa677b9cd7ddf221dc06537b35e10f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
SiB1Q1zbq1w.BY6KzngLHNwjCt1mjqgy
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
fWpX7_1fxwqy4h506QiYqodH-EQKX_ZfNPA3c4c5pgQL28dRf10rPQ==
datepicker.min.js
spycloud.com/wp-includes/js/jquery/ui/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fcdc2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1580000c2fe02103000000001
last-modified
Thu, 24 Jun 2021 19:13:42 GMT
server
cloudflare
etag
W/"94347d976158326e48afc6475778de7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Xqy66okdWO7ywik1Nd5rvTBwukkEb8Wu
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
dayRxVOrty0amfELlCo5FPm5NdgL6CC-fQjjJVrUcXEKksD9R5Iz5g==
new-tab.js
spycloud.com/wp-content/plugins/page-links-to/dist/ 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.2.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a3acbabd08cec6c15bfb3596f63945ea34547d16495ac5dda42f002b0f5154
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.2.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fcec2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15c0000c2fe02104000000001
last-modified
Thu, 24 Jun 2021 19:12:22 GMT
server
cloudflare
etag
W/"f0d9f8d12825ab5afc62d0f0cb861eb1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
iSwpvEpIEdC67tiPwW1tbugXwz27aSnZ
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
RtXW7S8-NA1lX8OFGIUwDLkce_YotQUhwc1FnbttXXuM3yM8_QBVPg==
validate.js
spycloud.com/wp-content/plugins/newsletter/subscription/ 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/newsletter/subscription/validate.js?ver=6.4.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717c288dc6b91d3c1774be2fcf06f0eccd923966e3df65bef32b78e26cc18b75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/newsletter/subscription/validate.js?ver=6.4.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fcfc2fe-FRA
x-cache
Hit from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1580000c2fe2f8d8000000001
last-modified
Thu, 24 Jun 2021 19:12:21 GMT
server
cloudflare
etag
W/"b562667fe2faa8b03924bed00a98d7ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
izBoEi8xm3cTG0Ejp1.bmuTTiiIT3Ezr
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Jpz08g1xp53-buGgo-1gM82fgArTb6-dnPgVQq_d7I_5lo4E80LxMA==
frontend-modules.min.js
spycloud.com/wp-content/plugins/elementor/assets/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.8.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de69c35f0f111abfe4e39623b55ee46d9813270923a206f756a0841aac5ffb82
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.8.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd0c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1590000c2fe0a2c5000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"b5911aadec431e35b2dc4324fb7d213a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
xr1U76py.hSA86Pm8EhAMdkdqLbQvnJK
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
byh_6aNYV85pChh1p_YcS_a4-Jqpy1SYP87puA0Ba3dQ2z7zbORPRQ==
jquery.sticky.min.js
spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.6.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd1c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1590000c2fe07b88000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"e16a8821e5f099c3a619889ea7cf0399"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
bOts6bA5NCkMQZv6YFvM_AEkIGYwv6u.
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
QW5v5EHlSkTBI2lN8L3Sdgr7f0nEY1DpjCm1PgEEFTj9n56zLh2ClA==
frontend.min.js
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 		101 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd940080d20e8a56f460ca26797cbf7a400757343a4c47c3bbc7acd9de53747e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd2c2fe-FRA
x-cache
Hit from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa1590000c2fe592d9000000001
last-modified
Thu, 24 Jun 2021 19:12:17 GMT
server
cloudflare
etag
W/"86a1d5e831d6d802e80fbfe0d80f9cf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
jE2d60.MZqEmkwonVsDHWUr.GtfqH8p9
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
tgAW8ECTyJcO4fJe7lOViyibhVDgHkhDO_-kBoClRE7zUMAGa37kMA==
dialog.min.js
spycloud.com/wp-content/plugins/elementor/assets/lib/dialog/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd3c2fe-FRA
x-cache
Hit from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15a0000c2fe6aa44000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"cca3df5fbe168ec27e08558cd91dd46c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
WAXnVg06cpGVb3eOtA2xaPv_ylREdcjT
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
ynwCbSE6o0fycqrCi97ktgTE9Y6a1PlUmmpc0yXwc7YvA3UyS2D1Zg==
waypoints.min.js
spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd6c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15a0000c2fe44133000000001
last-modified
Thu, 24 Jun 2021 19:12:19 GMT
server
cloudflare
etag
W/"3819c3569da71daec283a75483735f7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
tRROd0XHt28IlwAXHa8KSkKW9tTub02k
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
SpH9paQk4o3tmgoyeTHMvCvEtCB3R_9QoxxV2OWg12gGfedNhCkY0A==
swiper.min.js
spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/ 		123 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd7c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15a0000c2fe60920000000001
last-modified
Thu, 24 Jun 2021 19:12:19 GMT
server
cloudflare
etag
W/"384b75728637af20c6beb2ca53b790e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
GI4hPGz94scuwx9L99fmCWsOTuQea77s
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
PeQphGb581TKLKyI4ttfWu_6RydUeo3og8CxI6j0f3e8mDDNKsGUjQ==
frontend.min.js
spycloud.com/wp-content/plugins/elementor/assets/js/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.8.2
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c6c480165f4b5ee4e5fc515bbc2cf5cfe9b4fd3095d637773cc6ede9ebef6f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.8.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
spycloud.com
referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/thank-you-keylogger-malware-webinar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
6845
cf-ray
667c4ee22fd9c2fe-FRA
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
cf-request-id
0b018fa15a0000c2fe05165000000001
last-modified
Thu, 24 Jun 2021 19:12:18 GMT
server
cloudflare
etag
W/"0bce949e6a50a1a053c089146ae2dac9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
UhSWR_pOaUT3nCwnqZZYUT7CIuGF9h.l
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Hs_2lfWR3NwdCcKenQpPAhok82KLPWUpeLFocHxt6Qhe0rJ7yOLU0w==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spycloud.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options
nosniff
age
57499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:48:51 GMT
4UaOrEtFpBISc36j.woff2
fonts.gstatic.com/s/exo/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo/v12/4UaOrEtFpBISc36j.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo:300,400,500,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
913fa20d5140a33381f1493b95e376816fe14df66cc44c09856fac80eac16903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spycloud.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:57:05 GMT
x-content-type-options
nosniff
age
3005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20280
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:01:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jul 2022 01:57:05 GMT
type-shape.png
spycloud.com/wp-content/themes/spycloud/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/images/type-shape.png
Requested by
Host: spycloud.com
URL: https://spycloud.com/wp-content/themes/spycloud/assets/css/custom-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d651ff02e940d4f5cc1278683d76438acdff6f949aa07bc38658e291843a6757
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/images/type-shape.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
spycloud.com
referer
https://spycloud.com/wp-content/themes/spycloud/assets/css/custom-theme.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://spycloud.com/wp-content/themes/spycloud/assets/css/custom-theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA50-C1
cf-polished
origFmt=png, origSize=7298
cf-ray
667c4ee26ffcc2fe-FRA
x-cache
Hit from cloudfront
content-disposition
inline; filename="type-shape.webp"
vary
Accept
content-length
1726
cf-request-id
0b018fa1860000c2fe2f8d9000000001
last-modified
Thu, 24 Jun 2021 19:12:44 GMT
server
cloudflare
etag
"c69230ce7d6eda8d769aa86308c25a89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
MfIplsMJo7amIeP_dg4xQ3VWNRyZEU7t
cache-control
max-age=14400
accept-ranges
bytes
content-type
image/webp
x-amz-cf-id
edENH59_1-xrPxksjgRj_l5xNeWUpqC64OtDVUglH3Icl2BdOo437Q==
cf-bgj
imgq:85,h2pri
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spycloud.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:13:20 GMT
x-content-type-options
nosniff
age
128030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 15:13:20 GMT
fa-brands-400.woff2
spycloud.com/wp-content/themes/spycloud/assets/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/themes/spycloud/assets/webfonts/fa-brands-400.woff2
Requested by
Host: spycloud.com
URL: https://spycloud.com/wp-content/themes/spycloud/assets/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d640e72dbf82134a0a6970da3460c18c27ab9c3cc5dcefb6206ccc05a83bc270
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/spycloud/assets/webfonts/fa-brands-400.woff2
pragma
no-cache
origin
https://spycloud.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
spycloud.com
referer
https://spycloud.com/wp-content/themes/spycloud/assets/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://spycloud.com
Referer
https://spycloud.com/wp-content/themes/spycloud/assets/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
75308
cf-request-id
0b018fa1890000c2fe2f8da000000001
last-modified
Thu, 24 Jun 2021 19:12:45 GMT
server
cloudflare
etag
"10591474ee3e18d1e6aa6a24ded22f42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
75PlUAZeKzlSU33OqRI4sWdHCTDFCiLz
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
667c4ee26ffdc2fe-FRA
x-amz-cf-id
RWSusUP6DE24EXZ_eWarZ0btT7eNVRim72bVwBB2zMvxzA3injNY6w==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://spycloud.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 22:51:50 GMT
x-content-type-options
nosniff
age
100520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 22:51:50 GMT
fontawesome-webfont.woff2
spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: spycloud.com
URL: https://spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://spycloud.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
spycloud.com
referer
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://spycloud.com
Referer
https://spycloud.com/wp-content/plugins/wp-megamenu/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
77160
cf-request-id
0b018fa1c80000c2fe6aa48000000001
last-modified
Thu, 24 Jun 2021 19:12:36 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
tbbtyKvQ5bg1yZe0nk_yePIPiEa70H1C
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
667c4ee2d85dc2fe-FRA
x-amz-cf-id
v6lS3nQ2btx5O6hbNI9Wpqa276-3vVFHFTFHRZ9uB-VyQbwD8uu7OA==
/
ipapi.co/json/ 		722 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f4280af713a2cde4aff7921755122e64e052373f25a5401f90b56ebfa57f29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:10 GMT
content-encoding
br
allow
GET, POST, OPTIONS, OPTIONS, HEAD
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pgfi%2FgFcs5kjH%2FdLLhfKMdWwbNl7%2FpABX8XewIzkR9OyWjD%2BpJgW9Z%2FExDi5S21MkC4aEjCNmGXKj0DqBoPLbMd7B7z%2FIJYBje5ZdTi8q1FYaXghtNB6S4UmuaH9AwZO7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://spycloud.com
cf-ray
667c4ee30e914ece-FRA
cf-request-id
0b018fa1e200004ecee8859000000001
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b923ac810a4f853fdd1263525e2a89aa55dac196445a270b5acd311ba427487
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
content-encoding
br
vary
Accept-Encoding
age
1672
x-cache
HIT, HIT
content-length
12667
x-served-by
cache-dca17768-DCA, cache-fra19156-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Mon, 28 Jun 2021 19:41:52 GMT
x-timer
S1625107633.358337,VS0,VE0
etag
"60da2600-317b"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 16
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Origin
https://spycloud.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
swatch
fast.wistia.com/embed/medias/rsxq1mn6w7/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/rsxq1mn6w7/swatch
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd4088e078f8c62569a0dadbc6829c923696a6d3b63c70f3735573a2045fbc14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
access-control-request-method
*
age
0
x-cache
MISS, HIT
content-disposition
inline
content-length
2536
x-served-by
cache-dca12925-DCA, cache-fra19156-FRA
access-control-allow-origin
*, *
x-browser-version
89
last-modified
Fri, 24 Apr 2020 14:48:31 UTC
x-timer
S1625107633.393478,VS0,VE0
strict-transport-security
max-age=0
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control
public, no-cache, max-age=31419310
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 1
d3d960f15e36360c347a6592cca97ac6.webp
embed-fastly.wistia.com/deliveries/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-fastly.wistia.com/deliveries/d3d960f15e36360c347a6592cca97ac6.webp?image_crop_resized=1920x1080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a520725d941cb4bc804d488bdab5badf90826900774e29bfe8c34bc1b2851db

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
d3d960f15e36360c347a6592cca97ac6
access-control-request-method
*
x-cache-hits
0, 0
x-cache
MISS, MISS
x-served-by
cache-dca17780-DCA, cache-hhn4032-HHN
last-modified
Fri, 24 Apr 2020 14:48:31 UTC
x-timer
S1625107631.714243,VS0,VE367
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
hls_video.js
fast.wistia.com/assets/external/engines/ 		347 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d2b4ee466fc48a4d85be7023166b0ebff30eb65e0f33ada1a7ca097b849cff7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:13 GMT
content-encoding
br
vary
Accept-Encoding
age
1672
x-cache
HIT, HIT
content-length
83492
x-served-by
cache-dca17729-DCA, cache-fra19156-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Mon, 28 Jun 2021 19:41:52 GMT
x-timer
S1625107634.822050,VS0,VE0
etag
"60da2600-14624"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 13
blank.gif
fast.wistia.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Origin
https://spycloud.com
Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:11 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
26872
x-cache
HIT, HIT
x-cache-hits
1, 576
content-length
1214
x-served-by
cache-dca17766-DCA, cache-fra19183-FRA
x-browser-version
89
last-modified
Wed, 30 Jun 2021 19:16:16 GMT
x-timer
S1625107631.210181,VS0,VE0
etag
"60dcc300-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
ce12b25857d97f7c1d54039ff681e05f942196f5.m3u8
embed-fastly.wistia.com/deliveries/ 		104 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-fastly.wistia.com/deliveries/ce12b25857d97f7c1d54039ff681e05f942196f5.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c68d69f0a21b1fa652709158776ff79ab7ae434648fc872cfe050a140cfd15d8

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:11 GMT
content-encoding
gzip
age
0
edge-cache-tag
ce12b25857d97f7c1d54039ff681e05f942196f5
access-control-request-method
*
x-cache
MISS, MISS
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca12928-DCA, cache-hhn4064-HHN
expires
Fri, 01 Jul 2022 02:47:11 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1625107631.190190,VS0,VE398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0, 0
x
distillery.wistia.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-117-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 01 Jul 2021 02:47:11 GMT
cache-control
max-age=0, private, must-revalidate
seg-1-v1-a1.ts
embed-fastly.wistia.com/deliveries/ce12b25857d97f7c1d54039ff681e05f942196f5.m3u8/ 		153 KB
153 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-fastly.wistia.com/deliveries/ce12b25857d97f7c1d54039ff681e05f942196f5.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c0a3f9d22ae37a2e54ca11bffd7be7982ca7bbbabb2e3c9d2971cb141c0ca00

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:11 GMT
via
1.1 varnish, 1.1 varnish
age
116601
edge-cache-tag
ce12b25857d97f7c1d54039ff681e05f942196f5
access-control-request-method
*
x-cache
HIT, MISS
content-length
156792
x-served-by
cache-dca17745-DCA, cache-hhn4064-HHN
expires
Wed, 29 Jun 2022 18:23:50 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1625107632.600170,VS0,VE97
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1, 0
mput
pipedream.wistia.com/ 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.75.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-75-166.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 01 Jul 2021 02:47:12 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
gtm.js
www.googletagmanager.com/ 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f01df939f1a508a38ffa9b7c2b090ca418df31289c62f071765728e2950c30e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58362
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 00:12:40 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jul 2021 02:47:18 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4534
date
Thu, 01 Jul 2021 01:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 01 Jul 2021 03:31:45 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 02:47:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=21708
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
pixel.js
www.redditstatic.com/ads/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
44b72af014f383676fe6b8f48bb8b4b6c0d9bad9b479ec0b432e1819d124180d

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 01 Jun 2021 21:43:38 GMT
server
snooserv
etag
"c51e34a5b277e70d9c56b25264388b0d"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
6058
3791228.js
js.hs-scripts.com/ 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3791228.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5901303af569a30f801c0aa2d9cfe01205d43f182275f0141748d59f784791dd

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
0ab982d6-32af-4a26-995d-b87e3ad995b8
cf-request-id
0b018fc30000002bf67009c000000001
server
cloudflare
x-trace
2B21E88F941568AE842757DA99FBD0216EFFB6E545000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://spycloud.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
667c4f17ff6e2bf6-FRA
expires
Thu, 01 Jul 2021 02:48:19 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1734
date
Thu, 01 Jul 2021 02:18:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 01 Jul 2021 04:18:25 GMT
3660.js
script.crazyegg.com/pages/scripts/0087/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0087/3660.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b98572f31790983b4895341e0e9e2a5285f8bacfd9c1522c18285964c6f375d

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
33176
cf-polished
origSize=4864
ce-version
11.1.309
cf-request-id
0b018fc2f200003250bd878000000001
timing-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:34:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
667c4f17e8133250-FRA
cf-bgj
minify
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 18:38:20 GMT
server
NetDNA-cache/2.2
x-amz-request-id
MGS4N0F86G2SFGHB
etag
W/"f39a9ee69f7c11a788f004f2b71ace38"
x-cache
HIT
x-amz-version-id
null
content-type
application/javascript
x-amz-id-2
xNyWLR75bIjH/e3l4rsoVzMLLhF0k1/wPHd45ZK4cfIrau86f7VT3uLH1LMrxdd+IxnXQnCYieU=
t.js
vidassets.terminus.services/c8ee85f6-0548-40bc-b45f-64d4e3714571/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidassets.terminus.services/c8ee85f6-0548-40bc-b45f-64d4e3714571/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 21:36:07 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control
public, s-maxage=2700
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id
XERrxG4-I5W6DXvGF2j6bk2GQW04tipOa8xFd1V7Cr5F_gW-JrQAsw==
4863.js
tracking.g2crowd.com/attribution_tracking/conversions/ 		16 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/4863.js?p=https://spycloud.com/thank-you-keylogger-malware-webinar/&e=
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
b8639938-3246-4506-9e3f-66d91af30299
x-runtime
0.016178
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
x-download-options
noopen
content-type
text/javascript; charset=utf-8
cache-control
max-age=600, public
content-security-policy
default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id
0b018fc30c00004e0e7eaf5000000001
cf-ray
667c4f1818b04e0e-FRA
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24675
x-xss-protection
0
pragma
public
x-fb-debug
xBkftboRq+00myJzop+eDql7dlTfOwkwebRdImZlQ/1M/AtK/uZtOYu+cPZ1WJw7UFcEp/DNDemP7TVaZluqfA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1bf333796f692318dd70e062d1efe63338e020114d1ee5847055bc82f501f44

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pAM0.euFDysO58MEarE8oeehvhlA2XbA
Content-Encoding
gzip
ETag
"a392494e5ef76458b487317c249101f0"
x-amz-request-id
GFC88ABM5Z2RT2ET
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13710
x-amz-id-2
TvEDMOabTBEBYHsC2LGUou2fSYFopQgXagfBlQIxp26nFbNnpsvtb6qfxVs2dCSiiuSGXrgu3fw=
Last-Modified
Wed, 23 Jun 2021 15:49:39 GMT
Server
AmazonS3
Date
Thu, 01 Jul 2021 02:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
i8ss4t6wz65v.js
js.driftt.com/include/1625107800000/ 		214 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1625107800000/i8ss4t6wz65v.js
Requested by
Host: spycloud.com
URL: https://spycloud.com/thank-you-keylogger-malware-webinar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0563baf9f84e7fd604ee8637282ef9de23d5da3f31d7758d80f86c742ce018dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 18:17:45 GMT
server
nginx
etag
W/"717248813ad8ba3a89a47c0ed9bc0056"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UHLc_Xb5mWcbkKrswbmH3Cv4a2iMCm5U
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
42bP7CKLa9sjK-q3XKG6AcT2aDhAdN_IxKhjD4fsmbmmfizX-z5wbA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1559690%26time%3D1625107639030%26url%3Dhttps%253A%252F%252Fspycloud.com%252Fthank...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true&e_ipv6=AQKitpwg1QU5mgAAAXpf9qzxoPN...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true&e_ipv6=AQKitpwg1QU5mgAAAXpf9qzxoPNEStaFUkT3_P3TjR0_Qpf7ZCUYR9uOfh1kHOUPhCJ9yedM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
fpU7zcmKjRbwW33ASCsAAA==

Redirect headers

date
Thu, 01 Jul 2021 02:47:19 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1559690&time=1625107639030&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&liSync=true&e_ipv6=AQKitpwg1QU5mgAAAXpf9qzxoPNEStaFUkT3_P3TjR0_Qpf7ZCUYR9uOfh1kHOUPhCJ9yedM
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
IOKGtsmKjRYwVJxutSoAAA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=148508096&t=pageview&_s=1&dl=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&ul=en-us&de=UTF-8&dt=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1377221006&gjid=482563247&cid=2063614221.1625107639&tid=UA-84143732-1&_gid=333623582.1625107639&_r=1&gtm=2wg6n05WJDJZ6&z=392276154
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://spycloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=148508096&t=event&ni=0&_s=1&dl=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&ul=en-us&de=UTF-8&dt=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Goal%20-%20Tier%202&ea=Form%20Submit&el=&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=2063614221.1625107639&tid=UA-84143732-1&_gid=333623582.1625107639&gtm=2wg6n05WJDJZ6&z=843616863
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:24:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4959
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2773416552923716
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2773416552923716?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f3cdbd85206ca6c5a3b18eb00c549847497d92a59332941a00048c08e149660
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
snQ6fKcUvW+XAq2hCIBWqn868khU7Ny5fBQ8I0lZK1lKIID8zvlnfoxWhAs2Tm7Fa0eI0pysZgh+9ixLTvkCRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
r
scout.salesloft.com/ 		41 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDI4MTh9.vsHZsaHm7HJjrbZNvieObWAucWGV2aFnrSBi1EwqQvw
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.130.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-130-201.compute-1.amazonaws.com
Software
/
Resource Hash
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://spycloud.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
10a70b2a26f62a52c2646aa42eabf8c7
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/RKDO7VUK5BB37LG565TIKM/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
6J6WV6RWN730WHRP
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified
Thu, 20 May 2021 19:48:38 GMT
Server
AmazonS3
Date
Thu, 01 Jul 2021 02:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 01 Jul 2021 02:47:19 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4VpWmXIzQ1BJQkXFonMT4sDkVA6Z3A5y
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
RC7VY4VZ1HPE2TZG
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
frI2wHPGdFGk6oARE0PdaZB35J2MB4G7J6/5vAWe+58bgn8Y5mRht9qzNShHkGEZCza4UBwtFXc=
Last-Modified
Wed, 30 Jun 2021 08:38:19 GMT
Server
AmazonS3
Date
Thu, 01 Jul 2021 02:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/RKDO7VUK5BB37LG565TIKM/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/RKDO7VUK5BB37LG565TIKM?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2
  • https://d.adroll.com/consent/check/RKDO7VUK5BB37LG565TIKM/?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2
395 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/RKDO7VUK5BB37LG565TIKM/?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
8e38a944c622506a8d39a23f027b96d00716e7bc7bfdfaa687200d6d46d18b8f

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
395
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location
https://d.adroll.com/consent/check/RKDO7VUK5BB37LG565TIKM/?_s=22fdb9a012b3efb94a84838910f4e50f&_b=2
date
Thu, 01 Jul 2021 02:47:19 GMT
server
nginx/1.20.0
content-length
105
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1997065637&utmhn=spycloud.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&utmhid=148508096&utmr=-&utmp=%2Fthank-you-keylogger-malware-webinar%2F&utmht=1625107639074&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D183290084.2063614221.1625107639.1625107639.1625107639.1%3B%2B__utmz%3D183290084.1625107639.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2012076344&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAABAAAE~
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-84143732-1&cid=2063614221.1625107639&jid=1377221006&gjid=482563247&_gid=333623582.1625107639&_u=YEBAAEAAAAAAAC~&z=1633158366
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 01 Jul 2021 02:47:19 GMT
content-type
text/plain
access-control-allow-origin
https://spycloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1625107639081&id=t2_a928j2qo&event=PageVisit&uuid=b49f892d-da4b-4a36-9e73-9cb6ae17a28a&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_87c5745b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:18 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-84143732-1&cid=2063614221.1625107639&jid=1377221006&_u=YEBAAEAAAAAAAC~&z=1008258947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-84143732-1&cid=2063614221.1625107639&jid=1377221006&_u=YEBAAEAAAAAAAC~&z=1008258947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s.gif
vidassets.terminus.services/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092
  • https://vidassets.terminus.services/s.gif?d=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092&t=7ed77b91-9d65-4f95-bc1f-1ddaec939207
42 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidassets.terminus.services/s.gif?d=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092&t=7ed77b91-9d65-4f95-bc1f-1ddaec939207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:38:10 GMT
via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
562
x-cache
Hit from cloudfront
content-length
42
last-modified
Thu, 17 Jun 2021 21:36:07 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control
public, s-maxage=2700
x-amz-cf-pop
AMS1-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id
C49iZu740eEds-Dn85qgD6vC3M9PcgDKnawLR9caVSAjFqMnZ-Tt7w==

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://vidassets.terminus.services/s.gif?d=c8ee85f6-0548-40bc-b45f-64d4e3714571|cb117a14-8507-4e9b-b018-b071a7621092&t=7ed77b91-9d65-4f95-bc1f-1ddaec939207
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
343
t.gif
vidassets.terminus.services/c8ee85f6-0548-40bc-b45f-64d4e3714571/ 		42 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidassets.terminus.services/c8ee85f6-0548-40bc-b45f-64d4e3714571/t.gif?d=cb117a14-8507-4e9b-b018-b071a7621092&s=30f1c8ae-5646-4603-9e3a-0c69cc6cdd87&p=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&cb=1625107639095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 21:36:07 GMT
server
nginx/1.10.3 (Ubuntu)
x-amz-cf-pop
AMS1-C1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control
public, s-maxage=2700
x-cache
Hit from cloudfront
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
content-length
42
x-amz-cf-id
vNfBQ1K6l30aB02oJcMApIqhK24ge7_qpNrNz4LF7WidnKzIyu7D9Q==
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2773416552923716&ev=PageView&dl=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&rl=&if=false&ts=1625107639131&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.1.1625107639130.2051372773&it=1625107639055&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 01 Jul 2021 02:47:19 GMT
JREF6ZCBPJF5ZCS3S2TGD6.js
s.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/
Redirect Chain
  • https://d.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-we...
  • https://s.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/JREF6ZCBPJF5ZCS3S2TGD6.js
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/JREF6ZCBPJF5ZCS3S2TGD6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e36c6a844f2eeb3b3aaf80d5e15ff6735fac97f71a9e73a43b16d3b4355dc09

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WYwS7BEAp6zfaB4tD_h030AlW0j9qZPh
Content-Encoding
gzip
ETag
"41099332842bf5fd1aa741e27ddfb733"
x-amz-request-id
Z8H3HXJS6NHTERFB
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1833
x-amz-id-2
PlBT/dmdDjZIOHzWQVeOpJfkrP9b53tb+LJ3LZqwUgp2rwF6uBbP0uIOLsRsoqrAyIArwvwxGBE=
Last-Modified
Tue, 08 Dec 2020 23:59:10 GMT
Server
AmazonS3
Date
Thu, 01 Jul 2021 02:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*/thank-you-*
date
Thu, 01 Jul 2021 02:47:19 GMT
x-segment-eid
JREF6ZCBPJF5ZCS3S2TGD6
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2/JREF6ZCBPJF5ZCS3S2TGD6.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
Resource Download - Thank You Page View
x-pixel-eid
OUEVN2DEVNBMLJCDGYOSL2
x-segment-name
e4659b49
x-advertisable-eid
RKDO7VUK5BB37LG565TIKM
content-length
0
x-conversion-currency
i
scout.salesloft.com/ 		48 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.130.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-130-201.compute-1.amazonaws.com
Software
/
Resource Hash
716132feaaa09d95ac7f90748ee09418312e7e30da4882ba7db2c921e2d97842
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://spycloud.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
d96055df01b6ef30ccdd6ad0010d34a3
3791228.js
js.hs-analytics.net/analytics/1625107500000/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1625107500000/3791228.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3791228.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc66eb6906c49b19223f329f95cfbfbec6f0e051cd824f58150f345c20ed432

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
Z8H9AAHZAZ2VQWZP
x-amz-server-side-encryption
AES256
cf-ray
667c4f1a8b6d05b7-FRA
x-amz-id-2
OxzJr5rMFN/Z06HiEJI8fT4ot1jb7UdFFQrbfrwMbI5fsyOXhbtO3ggEpLSS3aKGpFiT2AERZEQ=
last-modified
Wed, 12 May 2021 19:24:32 GMT
server
cloudflare
etag
W/"25b4500d72025075eb01b84a1858ab2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
0b018fc49c000005b7a7281000000001
content-type
text/javascript
expires
Thu, 01 Jul 2021 02:52:19 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3791228.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947678fccd0d637da1d4ae67ad7b74cf8ad6cfc11e86ac75554b38ea7d28037f

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 47c0295005ec7d8570406951491004c3.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
571
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.238/bundles/pixels-release.js&cfRay=667c41279dc44ed9-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0b018fc498000005e4a1bde000000001
last-modified
Fri, 25 Jun 2021 07:24:42 UTC
server
cloudflare
etag
W/"061519308a1db0a6d139576dca0de86c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
8gkiM8TAIY24hypoOf97jK4fww2ofOd8
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
667c4f1a8c8a05e4-FRA
x-amz-cf-id
kDNYee5o3GkM4G3hBO7NbYXOiJ9DSVNqTPs1SmqFEEgPlw5aKht6og==
x-hs-target-asset
adsscriptloaderstatic/static-1.238/bundles/pixels-release.js
leadflows.js
js.hsleadflows.net/ 		475 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3791228.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a

Request headers

Origin
https://spycloud.com
Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 224f09e9c236b40d399a8b2851ac0069.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
33176
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js&cfRay=66792525fd812b22-EWR
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0b018fc49900004e0dc1b25000000001
cf-ray
667c4f1a8afa4e0d-FRA
last-modified
Mon, 28 Jun 2021 03:28:39 UTC
server
cloudflare
etag
W/"16c85022f7119b37a5c687536a0fc6c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
2ZrFT_N1HUqNtLS_U.sDzHSxM6LIMAgx
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
deW8uzo3wjxnp8r6YsuOeWBop34-lveJYiuRX9bYnBWI9Log5KkmvA==
x-hs-target-asset
lead-flows-js/static-1.1029/bundle/main/lead-flows-release.js
3791228.js
js.hs-banner.com/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/3791228.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3791228.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc97aeed6c8d121f1d852949d6068b8b016c4ca63ed10350716b8eafe32b928a

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
MT0SJ92BAVPXEP1W
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
NNYlu3PmxIvI0DbEZuAZsaKvbLgFxUCH0hyvSnAl924g8hhsMi1NOLudwv3Uvhg2p8w9xIr8T7o=
timing-allow-origin
*
last-modified
Thu, 27 May 2021 16:48:45 GMT
server
cloudflare
etag
W/"9bd2bbda4124ccc2befb16fcb370708a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
aJ7dqOB1fGctp5xsUA22Df3hpEJmBnhN
access-control-allow-origin
https://spycloud.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
0b018fc499000017626c9c3000000001
cf-ray
667c4f1a8d4f1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 01 Jul 2021 02:52:19 GMT
3660.json
script.crazyegg.com/pages/data-scripts/0087/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0087/3660.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0087/3660.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f171ac803f5630db1a5d94c481d30a6a4a3bddaf303a9fc24401c07b0b3af78

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
33175
ce-version
11.1.309
content-length
1295
cf-request-id
0b018fc49800004ec70c8c5000000001
timing-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:34:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
667c4f1a8f014ec7-FRA
sendrolling.js
s.adroll.com/j/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/RKDO7VUK5BB37LG565TIKM/OUEVN2DEVNBMLJCDGYOSL2?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&pv=63949533105.20526&cookie=&adroll_s_ref=&keyw=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wbYjGSR.SUtyiP70Om2XSwXhD7m6RJQS
Content-Encoding
gzip
ETag
"5c44da3d0ddeac28ae4c1facdfbfa217"
x-amz-request-id
A1BAR845W96TXJSA
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2719
x-amz-id-2
sKgtcpyaUTo8MeH5uVVPddKc7dACqy0K0HeH1235iEkBN97okP2hviAm6/cyrXEh03vKmXPE210=
Last-Modified
Wed, 30 Jun 2021 20:06:12 GMT
Server
AmazonS3
Date
Thu, 01 Jul 2021 02:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
542278233170797
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/542278233170797?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5d970d1e40e02ef28457d431254133d4f41c7b53d7166bb018e9eec550fc139
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
yH4vfsZXokFjj3peTAaLIGJnuzeHH7izawXHQMlYYNNQbJae2u7aPfXZVmU9b0LNWpenWl3Q5U7aPCZ+nOKxxA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5B...
  • https://pixel.advertising.com/ups/55980/sync?uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.28.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-28-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55980/sync?uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
167
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 02:47:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jul 2021 02:47:19 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 02:47:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expiration=1656643639&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Thu, 01 Jul 2021 02:47:19 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&expires=365
pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&rdrctExp=true
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 02:47:19 GMT
Cache-Control
no-cache
X-TraceId
2dbbbd26553aa512cf53be284abfd0f3
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&rdrctExp=true
Date
Thu, 01 Jul 2021 02:47:19 GMT
X-TraceId
b0e9e2ae306a979c9783c43fc9d62077
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:411
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7V...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Thu, 01 Jul 2021 02:47:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12747

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKD...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.194.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-194-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.179.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-179-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://ib.adnxs.com/setuid?entity=172&code=MjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 02:47:19 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c175b1b3-6e00-4671-9673-bcc88386180c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 02:47:19 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a2b9d4a1-bee5-46d0-b886-fd3af9c235a4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjBhYzc2OTJjNDNkN2RhOTMyYTJkODM1NTAwZjBiNGE
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB37LG565TIKM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=20ac7692c43d7da932a2d835500f0b4a
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=20ac7692c43d7da932a2d835500f0b4a
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=20ac7692c43d7da932a2d835500f0b4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=20ac7692c43d7da932a2d835500f0b4a
date
Thu, 01 Jul 2021 02:47:19 GMT
via
1.1 google
server
OXGW/16.210.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=b392039641114d39f5fd8212d7fb98c5-1625107639193&arrfrr=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&xid_ch=f&advertisable=RKDO7VUK5BB3...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IKx2ksQ9fakyotg1UA8LSg
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=IKx2ksQ9fakyotg1UA8LSg&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11.1.309.js
script.crazyegg.com/pages/versioned/common-scripts/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.309.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0087/3660.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80f3bd222e336de545423e9fc389416507f3b7f75741b99e8365849e912794b

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
34262
cf-ray
667c4f1aa9e83250-FRA
content-length
21430
cf-request-id
0b018fc4a80000325086bc1000000001
last-modified
Wed, 16 Jun 2021 16:44:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
3660.json
script.crazyegg.com/pages/sampling-data-scripts/0087/ 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0087/3660.json?t=451418
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618a9261fe38710969e281fcde89e44c85edef110037765f650ab2afe3eed3f9

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
33175
ce-version
11.1.309
content-length
146
cf-request-id
0b018fc4c200004ec7c582a000000001
timing-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:34:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
667c4f1adf344ec7-FRA
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=542278233170797&ev=PageView&dl=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&rl=&if=false&ts=1625107639515&cd[segment_eid]=JREF6ZCBPJF5ZCS3S2TGD6&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=29&fbp=fb.1.1625107639130.2051372773&it=1625107639055&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 01 Jul 2021 02:47:19 GMT
__ptq.gif
track.hubspot.com/ 		45 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=3791228&pu=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&t=Thank+You+-+I+Put+a+Keylogger+on+You%2C+and+Now+You%27re+Mine+%7C+SpyCloud&cts=1625107639589&vi=ffbea287b487b1001c6bda0f155528c0&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:19 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
31b65699-4a53-4be3-9ad7-d5f97033ddd1
cf-ray
667c4f1c3ed64dd0-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0b018fc5a300004dd061b52000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0tyCCgktetwbku%2BH4M%2BR6DKx1FfnpE0qArReBziKM2%2FrcF5HcrUEuPmY%2F499FQJzDkWuBuB1%2BQCnQZDuh1yYlZodYU%2Fqjj9N5DyKsYgyv94IaQ3c9BAEfQ3mpr3di6%2FjCcBQqK5YI9Doiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
core
js.driftt.com/ Frame C59E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1625107800000/i8ss4t6wz65v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a1fcf63299ccd6947cb9ad993cac47c5c106195dc6600ad07327e72d808f636d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spycloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spycloud.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 30 Jun 2021 18:17:38 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
eL.qDnXZB4AZOEmaBxZ6JPTWAbxxBpfm
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache
etag
W/"06d7981abe7777c2e1c352dc87fae491"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
pJ82n-R3_hpNFSwQlLnYW3i3fpcqAGh-j8R6Q9gG6vhICyiLUg-Uew==
chat
js.driftt.com/core/ Frame BF2E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1625107800000/i8ss4t6wz65v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a1fcf63299ccd6947cb9ad993cac47c5c106195dc6600ad07327e72d808f636d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spycloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spycloud.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 30 Jun 2021 18:17:38 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
eL.qDnXZB4AZOEmaBxZ6JPTWAbxxBpfm
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 01 Jul 2021 02:47:19 GMT
cache-control
no-cache
etag
W/"06d7981abe7777c2e1c352dc87fae491"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
o-X5M5-sfOExhWH3dW-xs_WPL32pqWKXW-ZXHIYUCcAfet6_jo1tqQ==
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryCFuBbJOp4WGsRxvT

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 01 Jul 2021 02:47:19 GMT
content-type
text/plain
access-control-allow-origin
https://spycloud.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
runtime~main.6c1f5e80.js
js.driftt.com/core/assets/js/ Frame BF2E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
00369dd44ac19615ea1dba16a54468c7f05cc97da8bdc39d252c7d8039b40092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"3ddd480bc11a783dcf1e764fbcf53aba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ZRpuEn0_jfneqy3mp1afhizJzeyR2pzO
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
wIr-ggRZGuroA-uPld5Q_B3r0-Shkk1Ub169fSaPQQ5XcYWOpqxokA==
44.3bd3bb8d.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d9e3445cb8790891cd27f74ee195ce4b0f07ef5e8cc2063ca4eab22d049d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"c06876f82f66d99256689810334899ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zQoeCWQAg5G5PlJgRA3rlVkeXHARqB.U
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2a0eOGAPqhHiFT8Xcq9xsYMElI-Kk9cR_gNwSmfOoKruicEZwgXSAg==
21.7c4ee8d6.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/21.7c4ee8d6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a2b8f3de356b1d9512f91b8aea011189a243cf1fc2ce1bd6b7626f839bc519e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"553c1451cc7e9e894b19ee5af409515c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
rHa9dxmkO0OPWyS2szXM2YqSlb5bKeoW
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
jMvVgT1nbB3MH09EVl16kZkL2S-GVYb-531iTBDDsxpZzy9ORZHZfg==
42.fed8a80f.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/42.fed8a80f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a948615e74169bd67db05a943a6cd9b524cd4a6c923ed39c38febf2a953719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"6fd3fe14071f1b038f2bfba42db1ac3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NlSYAmLIpmYb4QLS8fjwUxsdC3.UyKty
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
byOIsptF7T-erlwo4OzBJNEughkUCqfLTSQdyqXwAa5ljJbLD9gTgg==
17.cc5ee1b8.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/17.cc5ee1b8.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3b21399359bef45fc2cb8de9474af101feedb9e924e654e4bb985e1d124d070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"ca3eca8b3d7e83db62eaedac0cddd47a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
xKnvymNPAdlCIywxLoQrDNLdqh8KB6_Q
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
phQKFVUiJxW9Id832TFcJx8bloh82z1w2QA2IetiN1hMZrpRg1DMQA==
33.03a83594.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/33.03a83594.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9c27d79b770ba0eb5173b26b035ee87b2a2f1b20eee2735187f71ada88346fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"ab50d24c40c3e6faf701ece17813529e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
8OuYLpTekyz7k2MVuuhxSMEZGo4Er2ut
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
yW5kpXjNCGRrzI4X2nUn6ukCXK6AUgEdzu9ubbvazLdIOPXij8Q6JQ==
28.0b81dd0a.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/28.0b81dd0a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
91466d577f7d047896b93425271249edcd58ed29a388c5c1069f662be611db5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 09:01:42 GMT
content-encoding
gzip
age
236737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"df4d84fcfd4922ffba5f30ab776f6e32"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
OO1Dab5VD72AMX5ISc2q05Z.p8jrv.x.
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rxQLRjj5sFUaL6WCOkrDZyCNICq9T4da-GCnw9JfnhR8eKDAmwoE5Q==
14.17f98f9d.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/14.17f98f9d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d11032cfe587f0c79db9584b64f4b13cf82769d1f983108912337eee6ea56398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"ff5c5c24fc6dc18637ae590487dde29f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
1KcM8slesbFZ4EIVwg2bHAYaTeO7He_Z
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
8aoZNkRy2m2UVp7VdCoaA7D6u7EoMq5_D7ACg5cBWgIDfqfWdEkk_Q==
15.ba891359.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/15.ba891359.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 19:32:09 GMT
content-encoding
gzip
age
1149310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:45 GMT
server
nginx
etag
W/"c35bc9563c8d6e811ec2f39f529dc431"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
3lq68YHVd35vstfXCkOXcwyh9BWIQDS5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qGxuWD8TqF0iUodiQnEQRORfWQLBTE-PrmGWAvV1iB-Rb5DfA5cS_Q==
36.9240267e.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/36.9240267e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 11:45:29 GMT
content-encoding
gzip
age
226910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"c0367e53a004313148d8c4e96e76faaf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
h3LfGmvAyaZ7ebelJO9.2GLfM560A1LS
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NgErTDJAGiuxf70r_Y72yuZlCyZfGoMAcNRrjkDR0itbc6Xi4qnpcA==
32.92f100fb.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/32.92f100fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c37c6eb0d9be9f7467f38756decf7c41e8e552ae4a146619fb4f9aa63861c835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"2d012329af6f62cf36eca2aff0cb1157"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
tNHyS1J9mAwzwhudlk.OH3PYdzEfxlfj
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FK0C8bAOT7Ba0xr1VqfLoNynU4pJpBOT8HmM0TR3dC4aUKOz8e4MJw==
20.62fe083d.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/20.62fe083d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ede728e11dbe78ac756cc325c9d5e877729d68c194a9439e9bd832d2ad52c301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"0e70492825cbaac841710733b5ed436d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
IusQySAUFatuMfKBUnqgdgdpXeN2Fwpt
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_oN7ulXn5ILa1J6QiCxs0zNdQtdmd7ji2lUqXDewXDrxMFuZQlLMbw==
10.cbe2a227.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/10.cbe2a227.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
eeab02fa687a9000589cff0ef5808d09c5db3d2ee31e46425b3d9bd2b5c0f28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"d3bfd14d0d0890cb715db5eae4f8feb8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UF8_3RAU8yQZURYOYgD2rdPGrYe7xIA6
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dEDRniTGsU0UgjjQ9CJ6Rz0kjbdppT6L7ZR7HB8rzlSFMJ-_eLyHNA==
main~493df0b3.532e50bb.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.532e50bb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9c57365216a701975ac3bf456f2f9cce60ef0329222db7b90411bbda2adb4318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:48 GMT
server
nginx
etag
W/"d70673c666eaba1782904ba559393a7e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
LkZZ6o7LgTNtKME3IPJQhdSKssC.SiBE
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
baeqettZnTIdkjWgSyqVNE86LjyF5Kh-19AanL-Hsv6AECVH0V2mFQ==
main~970f9218.c0cbea5b.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~970f9218.c0cbea5b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68a36f82c3728596943feac451a87afd67be8e6af426087b9bd95033e5d6fae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"22f7334e0bd156fced31f3e4738fb092"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Q8rHDKwHXpcQgF40TKtSbf54BSqF8r.k
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
EyGBy-k45qxMCLn9sxtGtSCYAv8dtG7pKmSjnB9Nl0yjotBasVdrGA==
main~89e24786.ce8dfe56.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~89e24786.ce8dfe56.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90f7c818d606e37a3f8a66fe9eb47654ded8c95274597a83e948a6af28516b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"1b9f208198d93da279e796a930ef433d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
dgNgg01VEMuCUZRWQoPkXmC1YEmOKM0U
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qWk2cTDfHS_fD5-OvBjzOkbUKqcRSzEF30fQeHqqANFZIJ7uqwz8Fg==
main~53ca99a6.b78ed640.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~53ca99a6.b78ed640.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2650770349b1602c450eda82290da9dd5a521110197e70ffdac403008f60820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"6662989d134113f22c589e6d13e5271f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_h4tVRipPXz_sHqDCVe8ATR0kr8MS2jw
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aaDRzFtcwLr_WBlCE_244p6UDqPm0eGMU5NovIFE5p2dC7UPYcN80A==
runtime~main.6c1f5e80.js
js.driftt.com/core/assets/js/ Frame C59E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
00369dd44ac19615ea1dba16a54468c7f05cc97da8bdc39d252c7d8039b40092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"3ddd480bc11a783dcf1e764fbcf53aba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ZRpuEn0_jfneqy3mp1afhizJzeyR2pzO
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AMhArlkX-o6d5JSadeLNA3Is4pmSDobQuJX8eiggxQvpZHg7uyXEpw==
44.3bd3bb8d.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d9e3445cb8790891cd27f74ee195ce4b0f07ef5e8cc2063ca4eab22d049d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"c06876f82f66d99256689810334899ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zQoeCWQAg5G5PlJgRA3rlVkeXHARqB.U
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GTbua4CYsw4wdg5EYPcCAEVoothAT_hThvsIqmLjTtks8jH9c6g2bQ==
21.7c4ee8d6.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/21.7c4ee8d6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a2b8f3de356b1d9512f91b8aea011189a243cf1fc2ce1bd6b7626f839bc519e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"553c1451cc7e9e894b19ee5af409515c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
rHa9dxmkO0OPWyS2szXM2YqSlb5bKeoW
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rZEM6gS5gBWQUKxo-BhLrwgRikO2dS51_yaYS_0xKqaKd7cDf_4DTw==
42.fed8a80f.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/42.fed8a80f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a948615e74169bd67db05a943a6cd9b524cd4a6c923ed39c38febf2a953719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"6fd3fe14071f1b038f2bfba42db1ac3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NlSYAmLIpmYb4QLS8fjwUxsdC3.UyKty
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7MeQI7e8GxKsgmVLVDaBym05MBgY2cj5wpmQCzyxhQRpDcrefmWKLg==
17.cc5ee1b8.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/17.cc5ee1b8.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3b21399359bef45fc2cb8de9474af101feedb9e924e654e4bb985e1d124d070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"ca3eca8b3d7e83db62eaedac0cddd47a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
xKnvymNPAdlCIywxLoQrDNLdqh8KB6_Q
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
yVT54It8Jx___c_h5biQ1PZQERnlh3UpzL5qGRtsLhFD_0e4HVYSFg==
33.03a83594.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/33.03a83594.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9c27d79b770ba0eb5173b26b035ee87b2a2f1b20eee2735187f71ada88346fea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"ab50d24c40c3e6faf701ece17813529e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
8OuYLpTekyz7k2MVuuhxSMEZGo4Er2ut
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
VkSdTNEOql1FXznhTUrx-C2i4wWzStmHb_UAk8I6zoMel4qHX7CSZA==
28.0b81dd0a.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/28.0b81dd0a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
91466d577f7d047896b93425271249edcd58ed29a388c5c1069f662be611db5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 09:01:42 GMT
content-encoding
gzip
age
236737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"df4d84fcfd4922ffba5f30ab776f6e32"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
OO1Dab5VD72AMX5ISc2q05Z.p8jrv.x.
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
k9xRo4Ue3vK03Jz-OoffG3eZsZKuAKFuBm0vudzqJhsc83rOhOeZjA==
14.17f98f9d.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/14.17f98f9d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d11032cfe587f0c79db9584b64f4b13cf82769d1f983108912337eee6ea56398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"ff5c5c24fc6dc18637ae590487dde29f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
1KcM8slesbFZ4EIVwg2bHAYaTeO7He_Z
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1gMr6hB5RM84vQwKRxkDKHZZoezDokerm2Dwvfd3_qGvQmS2t9CX9A==
15.ba891359.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/15.ba891359.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 19:32:09 GMT
content-encoding
gzip
age
1149310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:45 GMT
server
nginx
etag
W/"c35bc9563c8d6e811ec2f39f529dc431"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
3lq68YHVd35vstfXCkOXcwyh9BWIQDS5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
mYhLK2QumL2Coj8MG5LIK097wfAVS26_sdTfKEIq6-373hz-g1cGlQ==
36.9240267e.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/36.9240267e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 11:45:29 GMT
content-encoding
gzip
age
226910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"c0367e53a004313148d8c4e96e76faaf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
h3LfGmvAyaZ7ebelJO9.2GLfM560A1LS
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
wStss81c_LvtECwXMdiYDm-DEmIU-O3tvNOUNNlFNYra0JWc7m86LA==
32.92f100fb.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/32.92f100fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c37c6eb0d9be9f7467f38756decf7c41e8e552ae4a146619fb4f9aa63861c835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"2d012329af6f62cf36eca2aff0cb1157"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
tNHyS1J9mAwzwhudlk.OH3PYdzEfxlfj
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hyY14lPUvbUCnLaBwI0dZ_4b3WVVqDD40nBHVhfx8AogMHR6Dn0VVA==
20.62fe083d.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/20.62fe083d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ede728e11dbe78ac756cc325c9d5e877729d68c194a9439e9bd832d2ad52c301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"0e70492825cbaac841710733b5ed436d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
IusQySAUFatuMfKBUnqgdgdpXeN2Fwpt
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KKMUF0PlbgQ41IQfYJ76X0KgRJqbvOqxl2Rr4IkKcYTrdGfOv0w_nA==
10.cbe2a227.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/10.cbe2a227.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
eeab02fa687a9000589cff0ef5808d09c5db3d2ee31e46425b3d9bd2b5c0f28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:46 GMT
content-encoding
gzip
age
127053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"d3bfd14d0d0890cb715db5eae4f8feb8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UF8_3RAU8yQZURYOYgD2rdPGrYe7xIA6
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gwwv-AuR0WojoPYMz3HjugMrbp1tLtnDibsNFbBoR_KT9VCdO8Molw==
main~493df0b3.532e50bb.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.532e50bb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9c57365216a701975ac3bf456f2f9cce60ef0329222db7b90411bbda2adb4318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:48 GMT
server
nginx
etag
W/"d70673c666eaba1782904ba559393a7e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
LkZZ6o7LgTNtKME3IPJQhdSKssC.SiBE
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
wCOvBrZIS_WrPpgzMcdU-tqYPKSzzEqGLyaYNSj_CnhhlFEljWiORA==
main~970f9218.c0cbea5b.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~970f9218.c0cbea5b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68a36f82c3728596943feac451a87afd67be8e6af426087b9bd95033e5d6fae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"22f7334e0bd156fced31f3e4738fb092"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Q8rHDKwHXpcQgF40TKtSbf54BSqF8r.k
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5u2Oa8aOtqMrNussCc6KhPS0Exq_fCisWhrb_sfUwTX2IpfUTSl_0g==
main~89e24786.ce8dfe56.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~89e24786.ce8dfe56.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90f7c818d606e37a3f8a66fe9eb47654ded8c95274597a83e948a6af28516b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"1b9f208198d93da279e796a930ef433d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
dgNgg01VEMuCUZRWQoPkXmC1YEmOKM0U
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lIxiZFjhvKBG1eUifGcW1o1NpDd7s2z06pNHySLD8lESm8O4GUhLrQ==
main~53ca99a6.b78ed640.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/main~53ca99a6.b78ed640.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2650770349b1602c450eda82290da9dd5a521110197e70ffdac403008f60820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://js.driftt.com
Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:37 GMT
content-encoding
gzip
age
30582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:49 GMT
server
nginx
etag
W/"6662989d134113f22c589e6d13e5271f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_h4tVRipPXz_sHqDCVe8ATR0kr8MS2jw
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
INdOg9ZIHsKDgRmepMpOrXQ-ti0HChGRR_9qBANPj0trAGsVocjMEw==
41.41970d08.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/41.41970d08.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3d1e8196cf7c44a943802084cf000af366a092d5bab360474cbbecc1e349e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"7fc3fdd5818f51c7383843a948fbe0c7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
wEwn7a9XeuV0rjX.LPPraDvvwq090LI5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-laMcbZpISoSR4c3ApA9SvF6Xart9MfqdqfoqefJ2o_J5dMez9oE5g==
34.fe729046.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/34.fe729046.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 03:42:18 GMT
content-encoding
gzip
age
7513501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 02 Apr 2021 20:09:58 GMT
server
nginx
etag
W/"b75bf38c8eee61f620998bf4e506f0a8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_QEo8ruB00K8AYDXkVWshXuiJqxD4Jx5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SJxkElEVW0UkwBNxVA5qJ0lRAUwpcJzS29biAIWdWKOgKSDCK9iIeQ==
26.91e0f92d.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/26.91e0f92d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 10:49:37 GMT
content-encoding
gzip
age
316662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"2203aa06cd7f5410d671168ef758e8ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
E1AW5ts8W_b77azb1fmanO3alCMuY8uB
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
mnlqiX1Z7KM5XNnCPR0fCGjMfHRjhmApFKUU-ybCf2TbVSWEiZA-kA==
29.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/29.4335bc3d.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"7362dc7cbde5becc44253ec6d0061465"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
BGVrWoMAiPOQ28KxJKlDwICiUHzXg61S
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
BzbGKe30E65ItHu0W3ZZKxmr3TwhLmF8klh0IKWp3OJ-yFeBCQiNVA==
29.6f48b1b0.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/29.6f48b1b0.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0b7f3872fdae79fec7b7853d220403e64dca0d57aa05a7253039652400bdba77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"d007f1387183ae111f1700ad386797c8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NQWRurXocaDIkXntPJFaCtnmIM87K.9X
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
mNXZHgnG9Nz2PFq_FlMbb-rsZIDo3WANkrRY1R_t2gvdZFoJ725Luw==
41.41970d08.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/41.41970d08.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3d1e8196cf7c44a943802084cf000af366a092d5bab360474cbbecc1e349e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"7fc3fdd5818f51c7383843a948fbe0c7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
wEwn7a9XeuV0rjX.LPPraDvvwq090LI5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
D19qRQ6g3-98Xuk8R4O_bddFc64eGDIUZ-XcRuN47326iEggHSMBLg==
34.fe729046.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/34.fe729046.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 03:42:18 GMT
content-encoding
gzip
age
7513501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 02 Apr 2021 20:09:58 GMT
server
nginx
etag
W/"b75bf38c8eee61f620998bf4e506f0a8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_QEo8ruB00K8AYDXkVWshXuiJqxD4Jx5
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xW59KQiizr6f_2hHWs7z_Tx7pCxyZ30U7yU-pw4KHeBZX__-_KwbOg==
26.91e0f92d.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/26.91e0f92d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 10:49:37 GMT
content-encoding
gzip
age
316662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 18:28:46 GMT
server
nginx
etag
W/"2203aa06cd7f5410d671168ef758e8ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
E1AW5ts8W_b77azb1fmanO3alCMuY8uB
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
CWp_Bp7gjIGIvApLOhzW9-VCgyAXLOs9nugFx2lEAjUPgRH42A4xHg==
29.4335bc3d.chunk.css
js.driftt.com/core/assets/css/ Frame C59E 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/29.4335bc3d.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"7362dc7cbde5becc44253ec6d0061465"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
BGVrWoMAiPOQ28KxJKlDwICiUHzXg61S
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XFpsl4IG2KhKtRtqYU7xP3QeUdxSVVH5dHDG3OWHbVko2EbOWK3_sw==
29.6f48b1b0.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/29.6f48b1b0.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0b7f3872fdae79fec7b7853d220403e64dca0d57aa05a7253039652400bdba77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"d007f1387183ae111f1700ad386797c8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NQWRurXocaDIkXntPJFaCtnmIM87K.9X
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gbkbwprmWK2NSsT8LyIHZkQjX1ly8iEcKuFie6lTI5bKTVZHw-5vFg==
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		67 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3791228
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85084e75c64285af34fdeedeeb199d0cd8ff1bb95787faf082ffe8e03dda0c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7b5c5788-2306-451b-95da-4deee511f968
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b018fc66200000746fb224000000001
server
cloudflare
x-trace
2B7BEFD2429A82785DBC11124F036CD41E00F2E94B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jBbQ2A6u5F3m0L9bD0tQefHndnSLPcbaZ%2BnjiCXQofeMB%2BYvsMchH7gZuCwKwVMfo6IdQzfW8SSTSvpQJuIlbpB%2F29fw7skcCmSe6yMnvixhdIE25iX5BrVG%2Fzcgn9Ye7gB25tdSmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://spycloud.com
access-control-allow-credentials
false
cf-ray
667c4f1d69090746-FRA
access-control-allow-headers
*
0.45eb4005.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 06:38:36 GMT
content-encoding
gzip
age
3269323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 20:12:29 GMT
server
nginx
etag
W/"7e689afacd5eb298702f393c9c2f70f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
lCLOOIEjaEgZbi3b.I5O2OFyTFkkbKKH
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
X2lgKEjZDk8_BoY10K1_iUOX0V13JhECrTltDSo5hH_T1U9fJUvpLw==
30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"9f36443a9402e1e03bf8070ddc88b8db"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
fetckuyHy7tVJ3YvictsA_agqEVkirdd
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0Y-HGoK7PKBiTyQXhr0qeZxdmxaV6XZHCMWARNOPJuut1hOQU38-GQ==
30.ad6941d2.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/30.ad6941d2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dda3ba9a1fd283a13d8cbfaf7e1685dd93b241e1ef438177836a5c0cbf2fd0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"e1a8ad2c204a961487cc3581f9349ba7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
BCjHfkp85LeS.WvkWsf6SD_3_Dmo5yxb
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SX8aU031sFLZ_9WfKhvGAx59MBoMn5tp9KNyqW_URAv-2BystMpZEA==
json
forms.hubspot.com/lead-flows-config/v1/config/ 		167 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3791228&utk=ffbea287b487b1001c6bda0f155528c0&__hstc=188594551.ffbea287b487b1001c6bda0f155528c0.1625107639587.1625107639587.1625107639587.1&__hssc=188594551.1.1625107639587&currentUrl=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b0d8305414b7faef746bea561c873fd912a17e88c0d5926488c3e884fa0fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
8ead4eec-f262-4ad0-9b17-70f93061454a
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b018fc67d00002fa50921a000000001
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fuysqRSQXOI92roa1G9e3gxDP9gq%2B74gs0ao%2BWxrKkJ0Ab1FxdxoXSmXDLh%2BmRAnD6esTP4tbfQkCw%2BHfPRfIFYFeH7IJNZJTguj9JxvaYSRavK1T85he10EOej%2FfMLlb7AvU5r7%2F%2FlOqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://spycloud.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
667c4f1d99982fa5-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
0.45eb4005.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 06:38:36 GMT
content-encoding
gzip
age
3269323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 20:12:29 GMT
server
nginx
etag
W/"7e689afacd5eb298702f393c9c2f70f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
lCLOOIEjaEgZbi3b.I5O2OFyTFkkbKKH
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bZSfys-nVXoRrv3tCfh2Zx-s0Mlp_wSkAH74-xY42ajBXG0azJsu_Q==
1.0af467a5.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 06:38:36 GMT
content-encoding
gzip
age
3269323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 20:12:29 GMT
server
nginx
etag
W/"aedd244e100709f43b70a84bb3945ca6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
4Wi5ZpmXOk3hnWouo2fyIkLDHUdrZqTv
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9dRiSXgA376Be518csL3gaEHqZUJDZmQ51JfMzNPniKOFg1j3vjQVw==
25.131d2af6.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/25.131d2af6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dc0bb0346ca9e459e560401d6a0178389306fa8e0f59d6ebe2936defdff9f26d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"08958a386a18d1c0f4bd8ee2b6d3a0d9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
jzNS.dRM0_53ruG2ILi5sFLeWM4eixU_
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
M-T5lElniGzDBqsZ9KYvoEtLrRHb2Xt3DPAHUrndSLRrRQ9XK7pk9g==
2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame C59E 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/2.9e348098.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 15:42:07 GMT
content-encoding
gzip
age
2372712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 03 Jun 2021 13:26:35 GMT
server
nginx
etag
W/"97eba23aec3d21fff25c5114b738526d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
f-eJsSmj67obCc8m59lKWnd4H6cMuf-LA2umuo15riWoUOGK4XAaXQ==
2.756edb76.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/2.756edb76.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
931e842ef616bfbaacfdf75e86eba5bcb59d4c6d6bb52fef9be1d4c65224b95d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"97ed9a8417c0db2c6333e8a28e2b86cc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
5KHxyGNnU_ccTcFIez4RfVUdptr9Ey_1
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1YdA7VRbZP_n-Hda51bmuaray7JBs2ni0_xJx96gY5nw_9SAUZqy9Q==
23.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame C59E 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/23.44736ae1.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"8b77004f90a97a8796e83c50f9e084d8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
4eZxDx1WcbOazMls7wR4Gz26GpcOfLf9
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ec7fdUIPxHynjRhX0zHFYqaPapeUdb7ad4cxugOvhRMe0qNzOo9LgA==
23.b8fbb6c4.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/23.b8fbb6c4.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6b5e9cd83930260aa6572db8fec0ed77345fc7a873ce3ddfd768c8d72b94dbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:38 GMT
content-encoding
gzip
age
30581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:47 GMT
server
nginx
etag
W/"98ae2df40c355c723aa6005abc3c23c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NxIFej0ZlSRkbW7omZM_MZbXxvDga8Gw
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YC1VIXind_ffmtasJafRuJ0fTINlDsPnC_v0qQAK-BQnq7KM3t9OpA==
1.0af467a5.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 06:38:36 GMT
content-encoding
gzip
age
3269323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 20 May 2021 20:12:29 GMT
server
nginx
etag
W/"aedd244e100709f43b70a84bb3945ca6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
4Wi5ZpmXOk3hnWouo2fyIkLDHUdrZqTv
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4HINcSBgu50OTVQG2S3IfEr_JTEQ7-EJ0tCJP83PP8iuWQAKN9RuqA==
4.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/4.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 17:05:02 GMT
content-encoding
gzip
age
812537
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 21 Jun 2021 16:07:56 GMT
server
nginx
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
winn.F7Y8BLvDl7elYSpKAhV9aYgHewq
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lQSdmqC4BKOc-l9ATZKgGNeuzWqVWweN9ETX2BL0blW8xrArqrZClA==
4.0b443ee6.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/4.0b443ee6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b346d4f0222398c955dca62d1b3a10d2c3e26d6433d38b25dca9b33d39b361d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 17:05:02 GMT
content-encoding
gzip
age
812537
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 21 Jun 2021 16:07:58 GMT
server
nginx
etag
W/"780ea6f04da8cf6149b353223784bfb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
tE4UxkZgUpjr59AD3rVWL26lmQqKfhgz
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UnhbdiOD8TlqLjBH-WaseMVNPpw9VctIRT068hnosXe1w9eTo7MlJw==
2.9e348098.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/2.9e348098.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 15:42:07 GMT
content-encoding
gzip
age
2372712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 03 Jun 2021 13:26:35 GMT
server
nginx
etag
W/"97eba23aec3d21fff25c5114b738526d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
X7.U5pNSEiBC_Ve7E1M4nL1G5oIwqWQO
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
oNgB5PUW9y3-DZ3_zVxkFvXewtzyeGv_sqsPXUJ6yA3WUN3_BpBfBQ==
2.756edb76.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/2.756edb76.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
931e842ef616bfbaacfdf75e86eba5bcb59d4c6d6bb52fef9be1d4c65224b95d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"97ed9a8417c0db2c6333e8a28e2b86cc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
5KHxyGNnU_ccTcFIez4RfVUdptr9Ey_1
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
x5KBseFn_-qaQQFnw8qrb0eleHHOv-LHLfs1kCVGPNUaUoH6ih7aPw==
3.c823e73d.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		41 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/3.c823e73d.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
034928ca5a3cc73a31c33194bb72b79fe2b2e85e593f1702f550b7506faef84c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"33550fc75419f1612c0ab881d4e01cbc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
6icVYAdUnKoIcK35chLIR_qywQTJPazm
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
d2F1UMlAhZn2RIqMhKxVSjy8VmQ84VPmK1tnUXY6ptVmgzSvvkmqYQ==
3.8d1d6e8c.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/3.8d1d6e8c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac5cadd7c1b73436bd75dc3e2d1bf609b8d070f64567ea1a8b1c57e51d051f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:17:38 GMT
content-encoding
gzip
age
30581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 30 Jun 2021 17:10:47 GMT
server
nginx
etag
W/"cc6923c4b68b20c172e62136410e0343"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ClFyJFqWLIvqFL90g9EI3EAuagw2x2Oe
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PbwygvXliHmqmrWpi547dKLqEhZpv8UcWoVF0868fzwanaCnLRqjKg==
22.cbeac9c0.chunk.css
js.driftt.com/core/assets/css/ Frame BF2E 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/css/22.cbeac9c0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
38fe61c974c3fa45b7a3c85975bb1bea318308957c2329f6c932623acff155b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:44 GMT
server
nginx
etag
W/"ebfbb9df704776942182975f5f6547a4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
8SJjElssArqldq2evv55pIesixJWD9iC
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4G1sTjCxX2M8dG7vTIcFwwypOmuzluti233P1dtLmnfeGpTk9Grpcg==
22.6ff11e95.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/22.6ff11e95.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e64436f7cceccdf33dc776538a9ca3e668d6089bf758c66591302ffd40d58f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:45 GMT
server
nginx
etag
W/"c48947ce251d96cf06b33cbd126d0198"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_8Cze4wFHjx2i0NeMyRKXhnf9Wot2mXW
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HSvzUsHa3XtVOVAfZlN4BnAXW375hSfS1rz_h53NLkVlWqAILkiLDw==
v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame C59E 		25 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
server
istio-envoy
requestid
63e95813a3e90a7
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Protocol
H2
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://js.driftt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials
true
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
allow
POST,OPTIONS
requestid
drift1277cf346b6800f5898060d8058
content-length
13
x-envoy-upstream-service-time
0
server
istio-envoy
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame C59E 		103 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
72b9eb06110817cddececbbb370417ae7d699e3ac6478eddee2c01cb3996e0ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
server
istio-envoy
requestid
ee42e3ec565b78f8
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
103
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Protocol
H2
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://js.driftt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials
true
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
allow
POST,OPTIONS
requestid
drift70a5ee3441484bb5abda155ece4
content-length
13
x-envoy-upstream-service-time
0
server
istio-envoy
css
fonts.googleapis.com/ Frame C59E 		4 KB
739 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.756edb76.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:46:28 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:19 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820351011
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5269e5e0704aad690f277069e2d659c1ab2af65a462a7e709d4472fda00815b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35086
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 00:12:40 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jul 2021 02:47:20 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820351011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
server
cafe
etag
1690124483490796579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 02:47:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820351011/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820351011/?random=1625107640159&cv=9&fst=1625107640159&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&tiba=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e65dc773af8273661aab7ac6026cc39574d843c50506113d50c88e73f9da86db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1095
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820351011/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820351011/?random=1625107640159&cv=9&fst=1625104800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&tiba=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&async=1&fmt=3&is_vtc=1&random=583598520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/820351011/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/820351011/?random=1625107640159&cv=9&fst=1625104800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspycloud.com%2Fthank-you-keylogger-malware-webinar%2F&tiba=Thank%20You%20-%20I%20Put%20a%20Keylogger%20on%20You%2C%20and%20Now%20You%27re%20Mine%20%7C%20SpyCloud&async=1&fmt=3&is_vtc=1&random=583598520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spycloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 02:47:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i8ss4t6wz65v.json
embeds.driftcdn.com/embeds/ Frame C59E 		54 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embeds.driftcdn.com/embeds/i8ss4t6wz65v.json
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa8df56297e6e590f3baf1cbbfd1b3ea00bf07047230fb82a3965fcde8628864

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 02:47:21 GMT
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 30 May 2020 18:38:55 GMT
server
AmazonS3
etag
W/"133e5b2c8b0bebe885cd80c0edf3e761"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json; charset=UTF-8
via
1.1 084f866feba2345e668d9a32662696cf.cloudfront.net (CloudFront)
cache-control
public, max-age=30
x-amz-cf-id
teTtrStW14UPj2hgtQux0ywpoqBZFUTt2CFhAtREmO9kcghsw3YpCg==
widget_bootstrap
bootstrap.api.drift.com/ Frame C59E 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bootstrap.api.drift.com/widget_bootstrap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
7a3fd3ea88a67a9fe4dfc8f49b64fb0cb90b4c1521ac2e1a88ccb89108b90289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Jul 2021 02:47:20 GMT
content-encoding
gzip
server
istio-envoy
requestid
db9280a8156383a2
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
144
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
i8ss4t6wz65v
targeting.api.drift.com/hours/availability/combined/ Frame C59E 		40 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.api.drift.com/hours/availability/combined/i8ss4t6wz65v
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMjI3OTYxNTcxMjIxNTA0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE4NzI2NiIsImV4cCI6MTY1NjY0MzY0MCwiaWF0IjoxNjI1MTA3NjQwfQ.Cpc560CCfrRecN7gClYU-tXn4jKy1ff3c8XI0X_GPEwREn0A90UWKSSyvCFsJIqN-AFiazs3OAFqk3qh5dP8yw

Response headers

date
Thu, 01 Jul 2021 02:47:21 GMT
server
istio-envoy
requestid
305efb6d9eef185
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
40
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
i8ss4t6wz65v
targeting.api.drift.com/hours/availability/combined/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.api.drift.com/hours/availability/combined/i8ss4t6wz65v
Protocol
H2
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://js.driftt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 02:47:21 GMT
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials
true
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
allow
HEAD,GET,OPTIONS
requestid
drift08437a244d3b091a59f460cf909
content-length
18
x-envoy-upstream-service-time
0
server
istio-envoy
track
event.api.drift.com/ Frame C59E 		631 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.api.drift.com/track
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.164.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-164-153.compute-1.amazonaws.com
Software
/
Resource Hash
2a0275abec7573d54bfbe00ee49ec617e4511376eb42da1a57a9a9142ff0150c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMjI3OTYxNTcxMjIxNTA0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE4NzI2NiIsImV4cCI6MTY1NjY0MzY0MCwiaWF0IjoxNjI1MTA3NjQwfQ.Cpc560CCfrRecN7gClYU-tXn4jKy1ff3c8XI0X_GPEwREn0A90UWKSSyvCFsJIqN-AFiazs3OAFqk3qh5dP8yw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 02:47:21 GMT
requestid
e7234c938acd609e
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
631
track
event.api.drift.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.api.drift.com/track
Protocol
H2
Server
18.211.164.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-164-153.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://js.driftt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 02:47:21 GMT
content-type
text/plain
content-length
13
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials
true
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
allow
POST,OPTIONS
requestid
driftafae4324253ba3d9de9a03c138c
49.3842bef3.chunk.js
js.driftt.com/core/assets/js/ Frame C59E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/49.3842bef3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59330e2d3c125737ec8b1cd245ec32769af27e45fc9a8e34e6d6eb5baab921ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=i8ss4t6wz65v&forceShow=false&skipCampaigns=false&sessionId=bd928903-501c-4c19-988c-d72126d15658&sessionStarted=1625107639.641&campaignRefreshToken=ba785cab-2bbb-44fc-968a-9413f7af8728&hideController=false&pageLoadStartTime=1625107630369&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127054
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"3609e94407fe22cd454a8d8d95a8898a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
gs_BF3dVEKeOoq37KtuCQkoyP8EJrMVK
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tfDTUvMrDf63s_Cq856oc3TdJY946j_htYeAJVSfjMIJ7H5Kv0EU0Q==
49.3842bef3.chunk.js
js.driftt.com/core/assets/js/ Frame BF2E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/assets/js/49.3842bef3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6c1f5e80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59330e2d3c125737ec8b1cd245ec32769af27e45fc9a8e34e6d6eb5baab921ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?driftEnableLog=false&pageLoadStartTime=1625107630369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:29:47 GMT
content-encoding
gzip
age
127054
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 29 Jun 2021 15:10:46 GMT
server
nginx
etag
W/"3609e94407fe22cd454a8d8d95a8898a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
gs_BF3dVEKeOoq37KtuCQkoyP8EJrMVK
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
AMS1-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iiVug7xmLFG7uZcDA3f3MeAzo-IB8PPVqYyeJV8YBbEmjOZnoNW4Iw==
css
fonts.googleapis.com/ Frame BF2E 		4 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.756edb76.chunk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:49:32 GMT
server
ESF
date
Thu, 01 Jul 2021 02:47:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 02:47:21 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame BF2E 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://js.driftt.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options
nosniff
age
49066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 13:09:35 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame BF2E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://js.driftt.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:31:16 GMT
x-content-type-options
nosniff
age
123365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 16:31:16 GMT
bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame C59E 		25 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.3bd3bb8d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMjI3OTYxNTcxMjIxNTA0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTE4NzI2NiIsImV4cCI6MTY1NjY0MzY0MCwiaWF0IjoxNjI1MTA3NjQwfQ.Cpc560CCfrRecN7gClYU-tXn4jKy1ff3c8XI0X_GPEwREn0A90UWKSSyvCFsJIqN-AFiazs3OAFqk3qh5dP8yw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 02:47:22 GMT
server
istio-envoy
requestid
8a8fd4acc01bfa44
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk
Protocol
H2
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://js.driftt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 02:47:22 GMT
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials
true
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
allow
POST,OPTIONS
requestid
drift90625bb4ca4a6cc465487655f18
content-length
13
x-envoy-upstream-service-time
1
server
istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
spycloud.com
URL
https://spycloud.com/?sccss=1&ver=5.7.2

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| Cli_Data object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| postgrid_ajax_load object| SF_LDATA function| wNumb object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents function| twentytwentyEaseInOutQuad function| twentytwentyScrollTo function| changeSlideClasses string| OSName function| highlightCurrent function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry string| cli_cookiebar_settings object| wpcf7 object| wpmm_object object| newsletter function| newsletter_check_field function| newsletter_check object| __core-js_shared__ object| core object| elementorModules function| Sticky object| ElementorProFrontendConfig object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper object| elementorFrontendConfig object| elementorFrontend object| Trunc object| clone string| currentText object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| wistiajsonp-/embed/medias/rsxq1mn6w7.jsonp object| srcReplaceableElms object| cliConsent object| categories string| categoryVal object| dataLayer string| currentCategory function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| rdt object| domains string| source string| medium string| term string| content string| campaign string| session_count string| pageview_count string| hostname object| _gaq object| tmp string| doname number| j function| get_campaign_info function| get_utm_value function| get_session_count function| get_pageview_count string| SLScoutObject function| slscout function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| drift undefined| driftt function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| _gat string| gclid object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| _hsp boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| adroll_seg_eid string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL boolean| PIXELS_RAN object| _hsq object| CE2BH function| bindToWindowOnError function| defineProperties object| globalRoot undefined| hns object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| adroll_exp_list boolean| _hspb_ran boolean| _hspb_loaded boolean| LEAD_FLOW_DOCUMENT_READY_RAN function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
spycloud.com/ Name: cookielawinfo-checkbox-non-necessary
Value: no
spycloud.com/ Name: cookielawinfo-checkbox-marketing
Value: yes
spycloud.com/ Name: cookielawinfo-checkbox-necessary
Value: yes

3 Console Messages

Source Level URL
Text
console-api log URL: https://spycloud.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at _default.get (https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.8.2:2:39091) at t.value (https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2:2:20440) at new t (https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2:2:19905) at Function.<anonymous> (https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2:2:16198) at Function.each (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:2827) at t.value (https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2:2:16164) at t.value (https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.6.2:2:16261) at dispatch (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:42571) at v.handle (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:40572) at Object.trigger (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js:2:70627) undefined
console-api info URL: https://js.driftt.com/core/assets/js/21.7c4ee8d6.chunk.js(Line 1)
Message:
DRIFT_WIDGET:: widget_core:bootstrap_api finished in 248.30000114440918 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
alb.reddit.com
api.hubapi.com
bootstrap.api.drift.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
distillery.wistia.com
dsum-sec.casalemedia.com
eb2.3lift.com
embed-fastly.wistia.com
embeds.driftcdn.com
event.api.drift.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
ib.adnxs.com
ipapi.co
itcuratedbriefsolutions.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
match.adsrvr.org
metrics.api.drift.com
pipedream.wistia.com
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
scout-cdn.salesloft.com
scout.salesloft.com
script.crazyegg.com
simage2.pubmatic.com
snap.licdn.com
spycloud.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
targeting.api.drift.com
track.hubspot.com
tracking.g2crowd.com
us-u.openx.net
vidassets.terminus.services
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
spycloud.com
108.174.10.14
13.248.242.197
141.226.228.48
142.250.185.162
142.250.186.162
151.101.13.140
151.101.66.133
18.211.164.153
184.73.113.112
185.64.190.80
2.18.234.21
23.111.9.64
2606:4700:10::6816:2eea
2606:4700:20::681a:92c
2606:4700::6810:125e
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:c8cc
2606:4700::6811:d4cc
2606:4700::6811:e8cc
2606:4700::6812:15bf
2606:4700::6812:1abe
2606:4700::6813:9308
2606:4700::6813:9408
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1288:80:800::7000
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:400c:c04::9b
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00::210:bac8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::622
3.248.28.111
34.98.64.218
35.158.179.12
37.252.172.45
52.54.130.201
52.58.194.104
52.59.28.101
52.6.75.166
54.147.21.139
54.86.117.43
64.202.112.159
65.9.77.41
65.9.77.61
65.9.77.7
69.173.144.138
00369dd44ac19615ea1dba16a54468c7f05cc97da8bdc39d252c7d8039b40092
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
034928ca5a3cc73a31c33194bb72b79fe2b2e85e593f1702f550b7506faef84c
0563baf9f84e7fd604ee8637282ef9de23d5da3f31d7758d80f86c742ce018dc
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b7f3872fdae79fec7b7853d220403e64dca0d57aa05a7253039652400bdba77
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0e4b8d24a97bf67e39fcebe6b138ff9db6a5a01b38b3f2d2d2ab0ee90f44a729
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f11164ae8e4f4842249f899ba88b53e69f84a3859ae21c4f69c505b53c53c94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1500c4676a461f3e9467c763aac175f5f97b6f44e6027e5d1af5bd962d1063cf
15c6c480165f4b5ee4e5fc515bbc2cf5cfe9b4fd3095d637773cc6ede9ebef6f
1a520725d941cb4bc804d488bdab5badf90826900774e29bfe8c34bc1b2851db
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1f3cdbd85206ca6c5a3b18eb00c549847497d92a59332941a00048c08e149660
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2a0275abec7573d54bfbe00ee49ec617e4511376eb42da1a57a9a9142ff0150c
2c3edcd46e69f4bbe85bc3ed9120df6b7d4fe487c01628215c783d6e12adecfa
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2
2e770bd9e02e484d6aacb06aa5a10129a2a21082b03e3dadeb283c045f61b33e
2f82466637e0dad096b437968aac04ecb23103270477144f8d88d7514eedfd38
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
3170dad42fb5331b23acc8f0a8c943f618a4402da80acdb89b76a426c1983737
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
355e5f895dd35426f038c161603704cce0a9860126cec81cfb0df9e60f76179e
38fe61c974c3fa45b7a3c85975bb1bea318308957c2329f6c932623acff155b4
3a2b8f3de356b1d9512f91b8aea011189a243cf1fc2ce1bd6b7626f839bc519e
3b139bad4a379071939c14743f6e792e6478cd4493b62ad32012efd59df3259c
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6
4223aec97638aa5cd8a7768383c49279e11174858336d67871753572d268484b
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
44b72af014f383676fe6b8f48bb8b4b6c0d9bad9b479ec0b432e1819d124180d
455eff4abe7ea104b2db349b84466870acec7941833b8390b08979bbfa20f967
457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbc099826baec7ed7c060cae18f6f3fcadc241b96e3a6ad675b4c4ee3e7e046
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5901303af569a30f801c0aa2d9cfe01205d43f182275f0141748d59f784791dd
59330e2d3c125737ec8b1cd245ec32769af27e45fc9a8e34e6d6eb5baab921ce
5f171ac803f5630db1a5d94c481d30a6a4a3bddaf303a9fc24401c07b0b3af78
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
618a9261fe38710969e281fcde89e44c85edef110037765f650ab2afe3eed3f9
61b0d8305414b7faef746bea561c873fd912a17e88c0d5926488c3e884fa0fa6
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
68a36f82c3728596943feac451a87afd67be8e6af426087b9bd95033e5d6fae0
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6b5e9cd83930260aa6572db8fec0ed77345fc7a873ce3ddfd768c8d72b94dbd7
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
716132feaaa09d95ac7f90748ee09418312e7e30da4882ba7db2c921e2d97842
717c288dc6b91d3c1774be2fcf06f0eccd923966e3df65bef32b78e26cc18b75
72b9eb06110817cddececbbb370417ae7d699e3ac6478eddee2c01cb3996e0ac
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7846bb11c3fc4f1e89758b5d34fadfd38c9b4e34ba888510034401beedfd12bd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3fd3ea88a67a9fe4dfc8f49b64fb0cb90b4c1521ac2e1a88ccb89108b90289
7b47d671a4c37574f31b78f66febf0f0d8e6ef94f4ef7083959ab4d33d45cc90
7b923ac810a4f853fdd1263525e2a89aa55dac196445a270b5acd311ba427487
7c0a3f9d22ae37a2e54ca11bffd7be7982ca7bbbabb2e3c9d2971cb141c0ca00
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85084e75c64285af34fdeedeeb199d0cd8ff1bb95787faf082ffe8e03dda0c79
8611d56d67b7b90bd10267ecc7a63f8d9c9380803dbba9bd35fc60b00312e738
8b98572f31790983b4895341e0e9e2a5285f8bacfd9c1522c18285964c6f375d
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8e38a944c622506a8d39a23f027b96d00716e7bc7bfdfaa687200d6d46d18b8f
8e4c63359568628ef82a87692160e5bfca23b4951bf5db652a1f92dc9945ad53
90ec41b500c827277d054feac7201092140033ddc0801709d2d2b482ae7d225c
90f7c818d606e37a3f8a66fe9eb47654ded8c95274597a83e948a6af28516b96
913fa20d5140a33381f1493b95e376816fe14df66cc44c09856fac80eac16903
91466d577f7d047896b93425271249edcd58ed29a388c5c1069f662be611db5e
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
931e842ef616bfbaacfdf75e86eba5bcb59d4c6d6bb52fef9be1d4c65224b95d
947678fccd0d637da1d4ae67ad7b74cf8ad6cfc11e86ac75554b38ea7d28037f
94a3acbabd08cec6c15bfb3596f63945ea34547d16495ac5dda42f002b0f5154
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee
99f4280af713a2cde4aff7921755122e64e052373f25a5401f90b56ebfa57f29
9b346d4f0222398c955dca62d1b3a10d2c3e26d6433d38b25dca9b33d39b361d
9c27d79b770ba0eb5173b26b035ee87b2a2f1b20eee2735187f71ada88346fea
9c57365216a701975ac3bf456f2f9cce60ef0329222db7b90411bbda2adb4318
9d2b4ee466fc48a4d85be7023166b0ebff30eb65e0f33ada1a7ca097b849cff7
9e36c6a844f2eeb3b3aaf80d5e15ff6735fac97f71a9e73a43b16d3b4355dc09
a1fcf63299ccd6947cb9ad993cac47c5c106195dc6600ad07327e72d808f636d
a3b21399359bef45fc2cb8de9474af101feedb9e924e654e4bb985e1d124d070
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
aa5a336f0d04002197ebc3c79a957c7c28024ca6fbe9f21ad62c27d4a80bed50
ac5cadd7c1b73436bd75dc3e2d1bf609b8d070f64567ea1a8b1c57e51d051f5f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22aaeed60aebeb623724d8988481d906ccafd99c5ffa5e1923287cbdf3ddd9f
b36e04ba1430ea50d851c08818532a927889957322680957b13771642a10db5b
b45935c1055d89acd905c34474a19ecdb32491298ad177418c044d28e51e1bd6
b5d970d1e40e02ef28457d431254133d4f41c7b53d7166bb018e9eec550fc139
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc66eb6906c49b19223f329f95cfbfbec6f0e051cd824f58150f345c20ed432
bbdee6a5cee7911ffed204b01e8798ff1ab500d754e0db2ae6be306c3567a37b
c00a5d5376385d59df5eeed6ff558a88aa2ab6f925f1e433f620c47d704374ed
c02a0dccbd29f12aa4c327743517123bd4831d67ba495aec05a91fe5303df5fb
c13decc1c5615b82e35fe2e7b9764158fdfc47953b5ef27f995bb6e467ac91ce
c21d9e3445cb8790891cd27f74ee195ce4b0f07ef5e8cc2063ca4eab22d049d6
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2e64436f7cceccdf33dc776538a9ca3e668d6089bf758c66591302ffd40d58f
c37c6eb0d9be9f7467f38756decf7c41e8e552ae4a146619fb4f9aa63861c835
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e
c68d69f0a21b1fa652709158776ff79ab7ae434648fc872cfe050a140cfd15d8
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc97aeed6c8d121f1d852949d6068b8b016c4ca63ed10350716b8eafe32b928a
cf03320b30ecfa9e97c9983182ca4b6268bb516f02d41b3bb88a75b7f5977e83
d11032cfe587f0c79db9584b64f4b13cf82769d1f983108912337eee6ea56398
d124beefbbf540b2a158fe7c7a0209fcfd65242a8aab28802e2e5c4f797712d0
d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2
d640e72dbf82134a0a6970da3460c18c27ab9c3cc5dcefb6206ccc05a83bc270
d651ff02e940d4f5cc1278683d76438acdff6f949aa07bc38658e291843a6757
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d80f3bd222e336de545423e9fc389416507f3b7f75741b99e8365849e912794b
d8ed0f5e35f50e97bcfe50eed0eac8e1d3997128055c943e35d38edd8d0aa773
dc0bb0346ca9e459e560401d6a0178389306fa8e0f59d6ebe2936defdff9f26d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd4088e078f8c62569a0dadbc6829c923696a6d3b63c70f3735573a2045fbc14
dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3
dd940080d20e8a56f460ca26797cbf7a400757343a4c47c3bbc7acd9de53747e
dda3ba9a1fd283a13d8cbfaf7e1685dd93b241e1ef438177836a5c0cbf2fd0a3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de69c35f0f111abfe4e39623b55ee46d9813270923a206f756a0841aac5ffb82
e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9
e2650770349b1602c450eda82290da9dd5a521110197e70ffdac403008f60820
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1e8196cf7c44a943802084cf000af366a092d5bab360474cbbecc1e349e57
e5269e5e0704aad690f277069e2d659c1ab2af65a462a7e709d4472fda00815b
e65dc773af8273661aab7ac6026cc39574d843c50506113d50c88e73f9da86db
e734e59613ad8acfa314df40d191a7ffc831d35ce0409836d712e6233ade125a
e90d57f411dd7b15b40912a0054905950c28469a3feb592e6c3ddb74d2ef5915
eb54321d72896f9db33897fd543c09aec72ea0f39258abfebb3dbf6947288961
ec0fb9102bab2564738de8103fb202852eca53ee13e2e3087055981d61ea0d77
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
ede728e11dbe78ac756cc325c9d5e877729d68c194a9439e9bd832d2ad52c301
eeab02fa687a9000589cff0ef5808d09c5db3d2ee31e46425b3d9bd2b5c0f28e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff0e1854fa55be60eda0bdadc46196855405268c7dd0bfa17bbc659f04c1ae6
f01df939f1a508a38ffa9b7c2b090ca418df31289c62f071765728e2950c30e2
f1bf333796f692318dd70e062d1efe63338e020114d1ee5847055bc82f501f44
f3a948615e74169bd67db05a943a6cd9b524cd4a6c923ed39c38febf2a953719
f454fde17fa6bf2c65d4cf5f445bf90ff15a7c3c65c21483d1901c53071d59e8
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fa8df56297e6e590f3baf1cbbfd1b3ea00bf07047230fb82a3965fcde8628864
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd
ff0b86be19103a07f740ad9bfdbd1a29ae83b9497e765723b15146fef38fab93