blog.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Submission: On February 19 via api (February 19th 2021, 3:38:35 pm UTC) from DE

Summary HTTP 168 Redirects Links 128 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 28 domains to perform 168 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.checkpoint.com.
TLS certificate: Issued by R3 on December 14th 2020. Valid for: 3 months.

This is the only time blog.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
11	2a02:26f0:710... 2a02:26f0:7100:48d::38f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.84.56.112 104.84.56.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.37.35.171 23.37.35.171	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.158.85.13 18.158.85.13	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:191::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
68	65.9.96.127 65.9.96.127	16509 (AMAZON-02) (AMAZON-02)
6	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.69.12 65.9.69.12	16509 (AMAZON-02) (AMAZON-02)
1	52.22.71.46 52.22.71.46	14618 (AMAZON-AES) (AMAZON-AES)
6	100.24.186.63 100.24.186.63	14618 (AMAZON-AES) (AMAZON-AES)
2	18.205.49.143 18.205.49.143	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	54.197.143.221 54.197.143.221	14618 (AMAZON-AES) (AMAZON-AES)
168	36

31 141.193.213.21 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:7100:48d::38f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.84.56.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.35.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-35-171.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.85.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:191::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 65.9.96.127 (United States)

ASN16509 (AMAZON-02, US)

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.193.113.164 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.12 (United States)

ASN16509 (AMAZON-02, US)

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.71.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-71-46.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 100.24.186.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.49.143 (United States)

ASN14618 (AMAZON-AES, US)

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.143.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

js.driftqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	driftt.com js.driftt.com	751 KB
42	checkpoint.com 1 redirects blog.checkpoint.com www.checkpoint.com	709 KB
17	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	10 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	697 B
3	google.com www.google.com	697 B
3	doubleclick.net stats.g.doubleclick.net	586 B
3	6sc.co j.6sc.co c.6sc.co b.6sc.co	8 KB
2	facebook.com www.facebook.com	323 B
2	facebook.net connect.facebook.net	92 KB
2	marketo.net munchkin.marketo.net	7 KB
2	6sense.com epsilon.6sense.com	548 B
2	addthis.com s7.addthis.com	190 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	69 KB
1	driftqa.com js.driftqa.com	21 KB
1	imgix.net driftt.imgix.net	1 KB
1	driftcdn.com embeds.driftcdn.com	9 KB
1	t.co t.co	166 B
1	twitter.com analytics.twitter.com	281 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	adnxs.com secure.adnxs.com	709 B
1	addthisedge.com v1.addthisedge.com	726 B
1	moatads.com z.moatads.com	1 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
1	jquery.com code.jquery.com	30 KB
168	28

	Domain	Requested by
68	js.driftt.com	blog.checkpoint.com js.driftt.com
31	blog.checkpoint.com	1 redirects blog.checkpoint.com
11	www.checkpoint.com	blog.checkpoint.com
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
4	www.google-analytics.com	www.googletagmanager.com blog.checkpoint.com www.google-analytics.com
3	www.google.de	blog.checkpoint.com
3	www.google.com	blog.checkpoint.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	www.facebook.com	connect.facebook.net
2	px.ads.linkedin.com	1 redirects
2	connect.facebook.net	blog.checkpoint.com connect.facebook.net
2	munchkin.marketo.net	blog.checkpoint.com munchkin.marketo.net
2	epsilon.6sense.com	j.6sc.co
2	s7.addthis.com	blog.checkpoint.com s7.addthis.com
2	maxcdn.bootstrapcdn.com	blog.checkpoint.com maxcdn.bootstrapcdn.com
1	js.driftqa.com
1	driftt.imgix.net	js.driftt.com
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	b.6sc.co	blog.checkpoint.com
1	secure.adnxs.com	j.6sc.co
1	c.6sc.co	j.6sc.co
1	j.6sc.co	blog.checkpoint.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	cdn.onesignal.com	blog.checkpoint.com
1	www.googletagmanager.com	blog.checkpoint.com
1	code.jquery.com	blog.checkpoint.com
168	36

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
supportcenter.checkpoint.com
usercenter.checkpoint.com
www.checkpoint.com.cn
pages.checkpoint.com
help.checkpoint.com
training-certifications.checkpoint.com
partnerlocator.checkpoint.com
www.youtube.com
resources.checkpoint.com
research.checkpoint.com
www.cybertalk.org
community.checkpoint.com
us-cert.cisa.gov
developer.checkpoint.com
www.facebook.com
twitter.com
www.linkedin.com
www.addthis.com

Subject Issuer	Validity	Valid
blog.checkpoint.com R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.checkpoint.com DigiCert SHA2 Secure Server CA	`2019-12-10` - `2021-03-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-04-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.6sense.com Amazon	`2020-07-29` - `2021-08-28`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.driftcdn.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-06` - `2021-08-07`	a year	crt.sh
driftqa.com Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Frame ID: 399F3E95F24CC26894F608A50870C000
Requests: 82 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Frame ID: 799243F6DC555E13DE8C9979BF55D843
Requests: 39 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: 570DFAC6D760E8A210DA18B08C8FE48B
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-... HTTP 301
http://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-... HTTP 307
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /bootstrap[.-]([\d.]*\d)[^/]*\.js/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/flickity(?:\.pkgd)?(?:\.min)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

168
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

36
Subdomains

36
IPs

4
Countries

1990 kB
Transfer

5099 kB
Size

10
Cookies

128 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/demos/
Title: Free Demo

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/about-us/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/index.jsp
Title: Sign In

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/
Title: English (English)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/es/
Title: Spanish (Español)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/fr/
Title: French (Français)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/de/
Title: German (Deutsch)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/it/
Title: Italian (Italiano)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/pt/
Title: Portuguese (Português)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/ru/
Title: Russian (Русский)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/jp/
Title: Japanese (日本語)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com.cn/
Title: Chinese (中文)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloud-native-security/
Title: Cloud Native Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloud-security-posture-management/
Title: Cloud Security Posture Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/workload-protection/
Title: Cloud Workload Protection

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloud-intelligence-threat-hunting/
Title: Cloud Intelligence and Threat Hunting

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloud-network-security/
Title: Cloud Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloudguard-connect-sase/
Title: Secure Access Service Edge (SASE)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/remote-user-secure-access/
Title: Remote User Secure Access

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/branch-cloud-security/
Title: Branch Office Secure Access

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/branch-virtual-security-gateway/
Title: Branch Office Secure SD-WAN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/email-security/
Title: SaaS & Cloud Email Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/advanced-network-threat-prevention/
Title: Advanced Network Threat Prevention

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/next-generation-firewall/
Title: Next Generation Firewall

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/maestro-hyperscale-network-security/
Title: Hyperscale Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/iot-security/
Title: IoT Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/unified-cyber-security-platform/
Title: Cyber Security Platform

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/smart-1-cloud-security-management/
Title: Smart-1 Cloud

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/security-management-appliances/
Title: Security Management Appliances

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/security-compliance/
Title: Compliance

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/infinity-soc/
Title: Security Operations Center (SOC)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/mobile-security/
Title: Mobile Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/mobile-secure-workspace/
Title: Mobile Secure Workspace

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/advanced-endpoint-protection/
Title: Advanced Endpoint Threat Prevention

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/remote-access-vpn/
Title: Remote Access VPN

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/architecture/infinity/
Title: Check Point Infinity

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/
Title: Products Overview

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/#products-a-z
Title: Products A-Z

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/securing-your-remote-workforce-signup.html?utm_source=cp-home&utm_medium=cp-website&utm_campaign=PM_WR_20Q3_WW_BTP_securing_remote_workforce_video_guide
Title: Watch Now

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloudguard-serverless-security/
Title: Serverless Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/cloudguard-container-security/
Title: Container Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/public-cloud-compliance-governance/
Title: Cloud Compliance & Governance

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/products/iaas-private-cloud-security/
Title: Private Cloud Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/amazon-aws-security/
Title: AWS Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/microsoft-azure-security/
Title: Azure Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/google-cloud-platform-security/
Title: GCP Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/data-center-security/
Title: Data Center & High Performance

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/enterprise-network-security/
Title: Large Enterprise

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/small-medium-business/
Title: Small and Medium Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/consumer-small-business/
Title: Consumer and Small Business

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/secure-remote-workforce-during-coronavirus/
Title: Secure Remote Workforce

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/anti-ransomware/
Title: Anti-Ransomware

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/cloud-security/
Title: Cloud Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/endpoint-security/
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/mobile-security/
Title: Enterprise Mobile Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/gdpr/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/iot-security/
Title: IoT Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/network-security/
Title: Network Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/sd-wan-security/
Title: SD-WAN Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/zero-trust-security/
Title: Zero Trust Security

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/zero-day-protection/
Title: Zero-Day Protection

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/retail-point-of-sale-pos/
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/financial-services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/government-federal-security/
Title: Government

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/industrial-control-systems/
Title: Industrial Control Systems ICS & SCADA

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/service-provider/
Title: Service Provider

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/
Title: Solutions Overview

Search URL Search Domain Scan URL

URL: https://help.checkpoint.com/s/
Title: Create/View Service Request

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/pro/
Title: Check Point Pro

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-plans/
Title: Support Plans

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/support-life-cycle-policy/
Title: Life Cycle Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/software-license-agreement-limited-hardware-warranty/
Title: License Agreement & Warranty

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/rma-return-process/
Title: RMA Policy

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/#/
Title: Training and Certification

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/training/cyber-range/
Title: Cyber Range Courses

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/training/hackingpoint/
Title: HackingPoint Courses

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/clc/
Title: Learning Credits

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/secureacademy/
Title: Secure Academy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/knowledge-base/
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/elearning/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/professional-services/
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/advanced-technical-account-management/
Title: Advanced Technical Account Management

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/lifecycle-management/
Title: Lifecycle Management Services

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/security-consulting/
Title: Security Consulting

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-managed-security-service/
Title: ThreatCloud Managed Security Service

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/channel/
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://partnerlocator.checkpoint.com/#/
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/partners/opsec/
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/solutions/featured-technology-partners/
Title: Featured Technology Partners

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gr2f2LqjUAE
Title: Watch Video

Search URL Search Domain Scan URL

URL: https://resources.checkpoint.com/
Title: Content Resource Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/trials/
Title: Product Trials

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/customer-stories/
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/webinars/
Title: Webinars

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/
Title: Cyber Hub

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doShowprelanding&all
Title: Downloads and Documentation

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,ProductsCatalogId
Title: Product Catalog

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,supportQuoteToolId
Title: Renewal Pricing Tool

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/
Title: Check Point Research

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/
Title: Cyber Talk for Executives

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/
Title: CheckMates Community

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/supportId,CreateServiceRequestId
Title: Create Support Request

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/supportId,MyServiceRequests
Title: My Support Request

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/
Title: Training and Certification

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doHome
Title: Support Center

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/
Title:

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/press/2020/october-2020s-most-wanted-malware-trickbot-and-emotet-trojans-are-driving-spike-in-ransomware-attacks/
Title: was linked to a wave of ransomware attacks

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/TA18-201A
Title: $1 million dollars

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-malware/
Title: malware

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/infinity-soc-sunburst-attacks-solution.html

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/idc-report-mobile-threat-management-2020.html?utm_source=cp-home&utm_medium=cp-website&utm_campaign=pm_wr_20q3_ww_idc_mtm_2020

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/security-admins-guide-to-secure-remote-workforce/

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/maestro-esg-whitepaper.html

Search URL Search Domain Scan URL

URL: https://developer.checkpoint.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointsoftware

Search URL Search Domain Scan URL

URL: https://twitter.com/checkpointsw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CPGlobal

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/copyright/
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat HTTP 301
http://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/ HTTP 307
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1613749096175%26url%3Dhttps%253A%252F%252Fblog.checkpoint.com%252F2021%252F01%252F07%252Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&liSync=true

168 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Redirect Chain

https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat
http://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

101 KB
16 KB

202ms
202ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

2adfacd895d2728eba788bdc296afe05b11a4069a0e85fd4ce767ad066e93e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: blog.checkpoint.com
:scheme: https
:path: /2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d2ca31d8ef83153da6aed764094379d8e1613749094
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-pingback: //blog.checkpoint.com/xmlrpc.php
link: <https://blog.checkpoint.com/?p=26424>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 085c8a21af00002790fd094000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 624112e2aaf32790-PRG
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Non-Authoritative-Reason: HSTS

GET
H2 200 style.min.css
blog.checkpoint.com/wp-includes/css/dist/block-library/ 50 KB
7 KB 47ms
42ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 16:17:29 GMT
server: cloudflare
age: 2844240
etag: W/"5fd0f899-c8e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de02790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228900002790b18c2000000001

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 30ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.checkpoint.com
Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5041

GET
H2 200 bootstrap.3.min.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 118 KB
18 KB 80ms
75ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/bootstrap.3.min.css?ver=3.3.7
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2844240
etag: W/"5c990bee-1d942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de22790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228900002790eeba4000000001

GET
H2 200 cp-header.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 197 KB
26 KB 66ms
61ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 971c44f8109a1730354bd08de9ca99378fdd5a50d793d385a30e193a7979655c

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:18:15 GMT
server: cloudflare
age: 2844240
etag: W/"5c990d57-31223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de32790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228900002790a52e8000000001

GET
H2 200 style.css
blog.checkpoint.com/wp-content/themes/frontend/ 21 KB
5 KB 46ms
42ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.24
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4d208941a1be2347a5179f041e15cc5098a648d61cd8864dd194e14f4e6d1a

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Aug 2020 18:41:51 GMT
server: cloudflare
age: 2844240
etag: W/"5f2da06f-5361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de52790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228900002790fc23b000000001

GET
H2 200 flickity.min.css
blog.checkpoint.com/wp-content/themes/frontend/css/ 2 KB
656 B 84ms
80ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/flickity.min.css?ver=1.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 1629573
etag: W/"5c990bee-71d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de62790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228a00002790a6210000000001

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ 86 KB
30 KB 12ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 19:56:14 GMT
server: nginx
etag: W/"5cae4a5e-15857"
vary: Accept-Encoding
x-hw: 1613749095.dop053.fr8.t,1613749095.cds221.fr8.hc,1613749095.cds051.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30632

GET
H2 200 scripts.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 430 B
379 B 39ms
36ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/scripts.js?ver=1.0.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d245d96784beee8a8652270aaa63264158ef3a6aae0c4f76d051ee14c4de7d98

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2844239
etag: W/"5c990bee-1ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de72790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228a00002790f9169000000001

GET
H2 200 bootstrap.3.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 39 KB
10 KB 56ms
52ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/bootstrap.3.min.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2019 21:05:48 GMT
server: cloudflare
age: 2844239
etag: W/"5d26532c-9b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40de92790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228a000027909bb14000000001

GET
H2 200 jquery.matchHeight.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 12 KB
3 KB 82ms
78ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/jquery.matchHeight.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6ba13b690dee4af8ac51913d50f8509c65be9516aa24e2f761b3a1aa96dbd3

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2844239
etag: W/"5c990bee-2e02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40dec2790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228a00002790b813c000000001

GET
H2 200 flickity.pkgd.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 54 KB
13 KB 48ms
45ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/flickity.pkgd.min.js?ver=1.0.0
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2844239
etag: W/"5c990bee-d7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40def2790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228b00002790db184000000001

GET
H2 200 single-post.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 485 B
354 B 87ms
84ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/single-post.js?ver=1.0.4
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eabdbc55715edcfef23aef35a30d6dc56f207e057c5b81b821f858121bb4a7b

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 14:33:11 GMT
server: cloudflare
age: 94255
etag: W/"5cf13b27-1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e40df32790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a228b00002790a303e000000001

GET
H2 200 check-point-logo.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
3 KB 55ms
11ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/check-point-logo.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6ed6b410b876f3fc5ab6c930a9519f05b5481a1ce615ad59edbf2960dc8cfe76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "1fa8-59792ac1aa500"
x-serial: 681
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2082945
access-control-allow-credentials: true
last-modified: Mon, 21 Dec 2020 18:14:49 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2508
expires: Mon, 15 Mar 2021 18:14:00 GMT

GET
H2 200 cp-logo-3x.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 8 KB
8 KB 56ms
12ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/cp-logo-3x.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d02f35d0199626147d0633f8eb18fb166f1798469f3313d8155748ace9e9071d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "5451-5a821f5d027c0"
x-serial: 1929
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2082386
access-control-allow-credentials: true
last-modified: Mon, 21 Dec 2020 18:01:42 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 8166
expires: Mon, 15 Mar 2021 18:04:41 GMT

GET
H2 200 search-btn.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 612 B
1 KB 61ms
18ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

106d46e74162c59758b345b4054bcd34fb8260b8ea1df4e258140d4beb2b7774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 18:41:12 GMT
server: Akamai Image Manager
etag: "729-59792ac1aa500"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2084561
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 612
expires: Mon, 15 Mar 2021 18:40:56 GMT

GET
H2 200 secure-remote-workforce-menu-promo-ad.jpg
www.checkpoint.com/wp-content/uploads/ 23 KB
24 KB 61ms
18ms Image
image/jpeg 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/secure-remote-workforce-menu-promo-ad.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

90f6554b2da60680d0ae5d782146405c9e15bfe100853c9961c8d3514e7f3c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 18:14:12 GMT
server: Akamai Image Manager
etag: "e67d-5b0293876a2c0"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
cache-control: private, no-transform, max-age=2082924
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 23683
expires: Mon, 15 Mar 2021 18:13:39 GMT

GET
H2 200 zero-trust-security-352x332-1.jpg
www.checkpoint.com/wp-content/uploads/ 18 KB
19 KB 64ms
21ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/zero-trust-security-352x332-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f61fb0eefef9b5b0fd01cda1fdfc30d05fb4f8a7cfb8b65763361fde9ae100cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "91bd-59c32e5210e80"
x-serial: 973
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2082875
access-control-allow-credentials: true
last-modified: Mon, 21 Dec 2020 18:12:01 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 18870
expires: Mon, 15 Mar 2021 18:12:50 GMT

GET
H2 200 Support-Services-Nav-Featured-Image-180621.jpg
www.checkpoint.com/wp-content/uploads/ 23 KB
24 KB 67ms
24ms Image
image/jpeg 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/Support-Services-Nav-Featured-Image-180621.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5bff1396041d8c04b240f1d9fc415bbef6024f787d6948ff03e3985a04dcd0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 18:37:51 GMT
server: Akamai Image Manager
etag: "720e-592376894ebc0"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
cache-control: private, no-transform, max-age=2084445
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 23865
expires: Mon, 15 Mar 2021 18:39:00 GMT

GET
H2 200 frank-rauch-megamenu-352x332.png
www.checkpoint.com/wp-content/uploads/ 11 KB
11 KB 32ms
30ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/frank-rauch-megamenu-352x332.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e94254d5bbf438f17a36a65b4aedddd782a277ea35cef0be097cc5bfce689877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "7932-592376894ebc0"
x-serial: 908
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2084928
access-control-allow-credentials: true
last-modified: Mon, 21 Dec 2020 18:45:26 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 11024
expires: Mon, 15 Mar 2021 18:47:03 GMT

GET
H2 200 Resources-Nav-Featured-Image-181212-1.jpg
www.checkpoint.com/wp-content/uploads/ 14 KB
14 KB 32ms
31ms Image
image/jpeg 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/Resources-Nav-Featured-Image-181212-1.jpg

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9dbfd40b6e7fae7156b00f39e2e8fa6e750ade1afbad9b9a01680edf605a6d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 18:23:31 GMT
server: Akamai Image Manager
etag: "62e0-59e7d66105400"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
cache-control: private, no-transform, max-age=2083649
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 14299
expires: Mon, 15 Mar 2021 18:25:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
61 KB 32ms
16ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85e1261124306a500f643ac1c5e69c188e0a4c116c330c97c76336fce099ec06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62302
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 15:38:15 GMT

GET
H2 200 under-attack.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 844 B
1 KB 32ms
31ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/under-attack.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5d699e3cc81e47f8c549b9495aed516e4033cf97d3eca4c9fb93a9c73205acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "c0c-59792ac1aa500"
x-serial: 1609
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2083799
access-control-allow-credentials: true
last-modified: Mon, 21 Dec 2020 18:24:24 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 844
expires: Mon, 15 Mar 2021 18:28:14 GMT

GET
H2 200 default-blog.jpg
blog.checkpoint.com/wp-content/themes/frontend/img/ 21 KB
21 KB 76ms
61ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/img/default-blog.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc8778502a9cc9afbe6850d8c2f9857194ac0bec385df9b5e5ff4b0a7245bf1

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 67877
cf-polished: origSize=37570, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21637
cf-request-id: 085c8a231000002790ce0e8000000001
last-modified: Mon, 25 Mar 2019 17:15:24 GMT
server: cloudflare
etag: "5c990cac-92c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4effa2790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 blog-promo-sunburst-infinity-soc-260x220-1.jpg
blog.checkpoint.com/wp-content/uploads/2021/02/ 25 KB
25 KB 58ms
43ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2021/02/blog-promo-sunburst-infinity-soc-260x220-1.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1748f07fe3570bcd377c20a4866b343e71f12089b88503c36fb25c83ec32e9

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 124628
cf-polished: origFmt=jpeg, origSize=29659
content-disposition: inline; filename="blog-promo-sunburst-infinity-soc-260x220-1.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25796
cf-request-id: 085c8a231100002790fd0ab000000001
last-modified: Tue, 02 Feb 2021 02:34:16 GMT
server: cloudflare
etag: "6018ba28-73db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4effc2790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 SBM_Blog_260x220.jpg
blog.checkpoint.com/wp-content/uploads/2021/01/ 17 KB
17 KB 75ms
60ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2021/01/SBM_Blog_260x220.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89986ee1be5100e5285a081f0439fe50b96cad37216762d9a015864a80b59df8

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 2142251
cf-polished: origFmt=jpeg, origSize=20585
content-disposition: inline; filename="SBM_Blog_260x220.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17500
cf-request-id: 085c8a231200002790ab09b000000001
last-modified: Fri, 08 Jan 2021 19:13:34 GMT
server: cloudflare
etag: "5ff8aede-5069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e8032790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 IDC_MTM_blog_with_CTA.jpg
blog.checkpoint.com/wp-content/uploads/2020/09/ 19 KB
20 KB 87ms
72ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/09/IDC_MTM_blog_with_CTA.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd69d6b72e0526da341e3d1011ab739da7d2ea274c799f18488860511b44809

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 124628
cf-polished: origFmt=jpeg, origSize=24284
content-disposition: inline; filename="IDC_MTM_blog_with_CTA.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19962
cf-request-id: 085c8a231200002790aa183000000001
last-modified: Thu, 10 Sep 2020 19:38:39 GMT
server: cloudflare
etag: "5f5a80bf-5edc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e8042790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 wfh-blog-2.jpg
blog.checkpoint.com/wp-content/uploads/2020/09/ 34 KB
34 KB 51ms
36ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/09/wfh-blog-2.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8aaffdb6fd495c82977176b9267b8ff2c4fc68dafaa39cf9497d6ed3a5fd5c7

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 1955599
cf-polished: origFmt=jpeg, origSize=44884
content-disposition: inline; filename="wfh-blog-2.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34468
cf-request-id: 085c8a2312000027909700c000000001
last-modified: Wed, 09 Sep 2020 19:48:58 GMT
server: cloudflare
etag: "5f5931aa-af54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e8062790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 Maestro_300x250_white_05.jpg
blog.checkpoint.com/wp-content/uploads/2020/07/ 49 KB
49 KB 92ms
79ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/07/Maestro_300x250_white_05.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4698c6c99f8c8bc6e1409eb09881084c69a2601138e4928c2b8d8c415e1769fa

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 287380
cf-polished: origFmt=jpeg, origSize=56259
content-disposition: inline; filename="Maestro_300x250_white_05.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49866
cf-request-id: 085c8a231300002790a9293000000001
last-modified: Mon, 13 Jul 2020 21:11:11 GMT
server: cloudflare
etag: "5f0ccdef-dbc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e8082790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 HARMONY_300X250_June_11.jpg
blog.checkpoint.com/wp-content/uploads/2020/06/ 38 KB
38 KB 76ms
63ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/06/HARMONY_300X250_June_11.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e5ee83717cdbc8480b12e00ffc263a60399b462f88830636dbd495d47f6657

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 124628
cf-polished: origFmt=jpeg, origSize=40058
content-disposition: inline; filename="HARMONY_300X250_June_11.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38598
cf-request-id: 085c8a231300002790d2b31000000001
last-modified: Fri, 12 Jun 2020 22:26:17 GMT
server: cloudflare
etag: "5ee40109-9c7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e8092790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 quantum_blog_ad-1.jpg
blog.checkpoint.com/wp-content/uploads/2020/04/ 22 KB
22 KB 55ms
43ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/04/quantum_blog_ad-1.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2034e01f107a980852d8b55bd3056ee7ee09783640aa05f26160c8d115ced7

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 538151
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22531
cf-request-id: 085c8a231300002790f6911000000001
last-modified: Mon, 13 Apr 2020 21:46:48 GMT
server: cloudflare
etag: "5e94ddc8-5803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e80a2790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 automate-security-260x260-1.jpg
blog.checkpoint.com/wp-content/uploads/2020/11/ 28 KB
28 KB 80ms
67ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/11/automate-security-260x260-1.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0ca659d9d1c29eba4fe8e152947a6a0ba2d821a3cff62c71bd5c6ebd468e5e

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 2857302
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28403
cf-request-id: 085c8a2313000027908f02a000000001
last-modified: Mon, 16 Nov 2020 18:15:57 GMT
server: cloudflare
etag: "5fb2c1dd-6ef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e80b2790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 footer.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/ 3 KB
862 B 41ms
40ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/footer.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0c19b0e6fa699ae972ca0a753028aba45cb5d1105aef74cb9c57192acd48be

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 14:33:09 GMT
server: cloudflare
age: 2844239
etag: W/"5cf13b25-a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e4af8a2790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a22e70000279095213000000001

GET
H2 200 particles.min.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 23 KB
6 KB 41ms
41ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/particles.min.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 109265
etag: W/"5c990bee-5b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e4af8e2790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a22e7000027900317c000000001

GET
H2 200 app.js Show response
blog.checkpoint.com/wp-content/themes/frontend/js/lib/ 2 KB
749 B 85ms
68ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/js/lib/app.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b05f12d91c9f8b7c3bec26e49d7889b53885ed1b08e317e626490cba2c2967

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 17:12:14 GMT
server: cloudflare
age: 2844239
etag: W/"5c990bee-7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 624112e4eff52790-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 085c8a231200002790bc13f000000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 55ms
17ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2067
etag: W/"3f9cea746e7c44bbeb5e95be9fce4a67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 624112e50e1a1f29-FRA
cf-request-id: 085c8a232400001f2981a9c000000001
expires: Mon, 22 Feb 2021 15:38:15 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 105ms
31ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 19 Feb 2021 15:38:15 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 search.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 466 B
897 B 32ms
32ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

81cff4cdcbfd3a8ad9c582d403d5591b22d681d83bb75d8e69863ec47462e350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 18:47:58 GMT
server: Akamai Image Manager
etag: "67a-59792ac1aa500"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2084995
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 466
expires: Mon, 15 Mar 2021 18:48:10 GMT

GET
H2 200 intl.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 664 B
1 KB 35ms
34ms Image
image/webp 2a02:26f0:7100:48d::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/intl.png

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48d::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

75c13f824c8fb40e9d303e50bd762d11683fcfd4283b79b60cdd2229313f0096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
last-modified: Mon, 21 Dec 2020 17:58:00 GMT
server: Akamai Image Manager
etag: "84e-59792ac1aa500"
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/webp
cache-control: private, no-transform, max-age=2082076
access-control-allow-credentials: true
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 664
expires: Mon, 15 Mar 2021 17:59:31 GMT

GET
H2 200 blog-bg.jpg
blog.checkpoint.com/wp-content/themes/frontend/img/ 45 KB
45 KB 48ms
48ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/img/blog-bg.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f9e667632eb739b2d6b1bf57ee3ddb298e5358d11c613b571800247a90c371b

Request headers

Referer: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 1376709
cf-polished: origFmt=jpeg, origSize=170731
content-disposition: inline; filename="blog-bg.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46050
cf-request-id: 085c8a23140000279095216000000001
last-modified: Mon, 25 Mar 2019 17:12:45 GMT
server: cloudflare
etag: "5c990c0d-29aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4e80d2790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 34CA47_6_0.woff2
blog.checkpoint.com/wp-content/themes/frontend/fonts/ 58 KB
58 KB 63ms
62ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/fonts/34CA47_6_0.woff2
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b

Request headers

Origin: https://blog.checkpoint.com
Referer: https://blog.checkpoint.com/wp-content/themes/frontend/style.css?ver=1.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 378298
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59536
cf-request-id: 085c8a231f00002790af3bf000000001
last-modified: Mon, 10 Jun 2019 21:56:55 GMT
server: cloudflare
etag: "5cfed227-e890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e4f8302790-PRG

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 12ms
11ms Font
font/woff 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://blog.checkpoint.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=3.3.7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:44 GMT
etag: "1544639744"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 65464

GET
H2 200 Microservices_260X260.jpg
blog.checkpoint.com/wp-content/uploads/2021/02/ 35 KB
35 KB 37ms
36ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2021/02/Microservices_260X260.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4878e729dc2835f5b32254c89119f5f2ac4340cd3a7ab095c8412698dce04a07

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 243403
cf-polished: origFmt=jpeg, origSize=40142
content-disposition: inline; filename="Microservices_260X260.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35650
cf-request-id: 085c8a24010000279097021000000001
last-modified: Tue, 16 Feb 2021 19:47:53 GMT
server: cloudflare
etag: "602c2169-9cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e66b322790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 din.woff
blog.checkpoint.com/wp-content/themes/frontend/fonts/ 23 KB
23 KB 38ms
36ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.checkpoint.com/wp-content/themes/frontend/fonts/din.woff
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4

Request headers

Origin: https://blog.checkpoint.com
Referer: https://blog.checkpoint.com/wp-content/themes/frontend/css/cp-header.css?ver=2.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 111
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23790
cf-request-id: 085c8a242500002790aa199000000001
last-modified: Mon, 25 Mar 2019 17:12:45 GMT
server: cloudflare
etag: "5c990c0d-5cee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e6abab2790-PRG

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 111ms
42ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12176
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e31d98cbedf7ed2/ 2 KB
726 B 260ms
257ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e31d98cbedf7ed2/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 30581cee80fdc00a20dde03fe67c68d41453254863b15e9aefa09314eb342d2d

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
content-encoding: gzip
etag: 337578481--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 550

GET
H2 200 Blog-02F.jpg
blog.checkpoint.com/wp-content/uploads/2021/02/ 37 KB
37 KB 37ms
36ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2021/02/Blog-02F.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2455aa253b20c1d28e86a79f778eebc1e05d932e907f16453539a7afb40beb02

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 879784
cf-polished: origFmt=jpeg, origSize=41596
content-disposition: inline; filename="Blog-02F.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37728
cf-request-id: 085c8a249f00002790fc26d000000001
last-modified: Tue, 09 Feb 2021 02:57:45 GMT
server: cloudflare
etag: "6021fa29-a27c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e76da72790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 xBlog-003.jpg
blog.checkpoint.com/wp-content/uploads/2021/02/ 16 KB
16 KB 51ms
51ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2021/02/xBlog-003.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91978ba72d16832987d90ed791f916dd982d721e937be75ce30dce54b91b9e3d

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 283783
cf-polished: origFmt=jpeg, origSize=23990
content-disposition: inline; filename="xBlog-003.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16300
cf-request-id: 085c8a24a000002790d70af000000001
last-modified: Wed, 10 Feb 2021 03:18:06 GMT
server: cloudflare
etag: "6023506e-5db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e76da92790-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 ProtectingOffice365_260x260.jpg
blog.checkpoint.com/wp-content/uploads/2020/06/ 23 KB
23 KB 52ms
52ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.checkpoint.com/wp-content/uploads/2020/06/ProtectingOffice365_260x260.jpg
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a4ba79e2aa276562cf5a6183e43b9ee7cbdd41ead98294a5ad8cf222e44337

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
cf-cache-status: HIT
age: 288041
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23500
cf-request-id: 085c8a24ae00002790d70b0000000001
last-modified: Mon, 15 Jun 2020 22:16:57 GMT
server: cloudflare
etag: "5ee7f359-5bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 624112e76dab2790-PRG
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 15 KB
7 KB 110ms
37ms Script
application/javascript 23.37.35.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/6si.min.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.35.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-35-171.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7f072dbb779b20cea6866f3f8d398af9cafe418e7e038aa0702feddf741f040c

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 06:46:48 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6018f558-3ab9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 6144

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6423
date: Fri, 19 Feb 2021 13:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 15:51:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=800490340&gjid=1388399926&_gid=1900904943.1613749096&_u=YGBAgEABAAAAAE~&z=226013664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 15:38:15 GMT
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 35ms
18ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1714741684&t=pageview&_s=1&dl=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&ul=en-us&de=UTF-8&dt=December%202020%C3%A2%C2%80%C2%99s%20Most%20Wanted%20Malware%3A%20Emotet%20Returns%20as%20Top%20Malware%20Threat%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=800490340&gjid=1388399926&cid=1293967176.1613749096&tid=UA-194688-3&_gid=1900904943.1613749096&gtm=2wg2a15JCRGP&z=768583458

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71810
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=800490340&_u=YGBAgEABAAAAAE~&z=2019364175

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=800490340&_u=YGBAgEABAAAAAE~&z=2019364175

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
375 B 114ms
34ms XHR
text/plain 23.37.35.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.35.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-35-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: df3c752702f2c1b250d8511352d7c4cb49716abad7428e56c11bbcedf73a20f8

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:15 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://blog.checkpoint.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
709 B 134ms
47ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 15:38:15 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: 0b744f51-0226-40cc-b3a4-e7dc961c45f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blog.checkpoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 31ms
31ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 19 Feb 2021 15:38:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

OPTIONS
H2 200 details
epsilon.6sense.com/v1/company/ Frame 0
0 107ms
31ms Other 18.158.85.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v1/company/details
Protocol: H2
Server: 18.158.85.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,epsiloncookie
Origin: https://blog.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:15 GMT
server: nginx/1.16.0
access-control-allow-origin: https://blog.checkpoint.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET
access-control-allow-headers: authorization,epsiloncookie

GET
H2 200 details Show response
epsilon.6sense.com/v1/company/ 557 B
548 B 97ms
34ms XHR
application/json 18.158.85.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v1/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.85.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 14c4c9cb53c7365492633c30c0e6df8a3e4112553dd6115f418c1764982b03eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Authorization: Token 87c67a7c5a9e9b4dd1824f6727ed4e43fadadde4
EpsilonCookie: 825e6cc1e06c000067db2f60a8020000473e0800

Response headers

date: Fri, 19 Feb 2021 15:38:16 GMT
content-encoding: gzip
server: nginx/1.16.0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://blog.checkpoint.com
access-control-allow-credentials: true
content-length: 356

GET
H/1.1 200
OK img.gif
b.6sc.co/ 43 B
774 B 298ms
225ms Image
image/gif 23.37.35.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=825e6cc1e06c000067db2f60a8020000473e0800&visitor=b43409ec-a31b-41fc-831b-147f2ddf2385&session=46dd95cd-faad-4d4a-8f3b-7cffa66f73d4&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20latest%20Global%20Threat%20Index%20for%20December%202020%20has%20revealed%20that%20the%20Emotet%20trojan%20has%20returned%20to%20first%20place%20in%20the%20top%20malware%20list%2C%20impacting%207%25%20of%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20December%202020%E2%80%99s%20Most%20Wanted%20Malware%3A%20Emotet%20Returns%20as%20Top%20Malware%20Threat%20-%20Check%20Point%20Software%20%20%20%20%22%7D&cb=49095847&r=&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.37.35.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-35-171.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:16 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 19:02:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502962-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:191::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=50725
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 34ms
34ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:16 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 56367
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1613749096.180832,VS0,VE0
x-served-by: cache-fra19183-FRA

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
128 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1714741684&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&ul=en-us&de=UTF-8&dt=December%202020%C3%A2%C2%80%C2%99s%20Most%20Wanted%20Malware%3A%20Emotet%20Returns%20as%20Top%20Malware%20Threat%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=undefined&_u=aGDAAEABAAAAAG~&jid=1439059504&gjid=1484938841&cid=1293967176.1613749096&tid=UA-194688-3&_gid=1900904943.1613749096&_r=1&gtm=2wg2a15JCRGP&z=789406926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 44ms
43ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: s5qYJELN5inFHLTdrykZPThz9kNvNXGeCsZbnIWmQJ4+yy9SQ80/ho0SkJh8Z17Q9Eo8Ee5vcTZKjZacYI5kxA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Feb 2021 15:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1613749096175%26url%3Dhttps%253A%252F%252Fblog.checkpoint.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware...

0
100 B

1105ms
1105ms

Image
application/javascript

2620:119:50e4:101::6cae:b55
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: fb0u1kAwZRYA1ofi9ioAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: UkkzzkAwZRbwgLdcqyoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: E4F54A25D8C84F4187921640252F9F8E Ref B: VIEEDGE2520 Ref C: 2021-02-19T15:38:16Z
date: Fri, 19 Feb 2021 15:38:16 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1613749096175&url=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
426 B 40ms
13ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1439059504&gjid=1484938841&_gid=1900904943.1613749096&_u=aGDAAEABAAAAAG~&z=1022937187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 15:38:16 GMT
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87376e5928e93425145583a4262b7b36b5636b718b222881f308c26ed0a56323

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70564
x-fb-rlafr: 0
pragma: public
x-fb-debug: +Z7sYJPI8AZOxF8f5HxepsLE2C7g7EqspfNkDk3zAodVXukzTagnXxPhfLo46BaQr5zI9qsJ7MY/0HIVfUafKA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Feb 2021 15:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 179862586
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
281 B 169ms
169ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 19 Feb 2021 15:38:16 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: eebed065622fdd9d9d07fb56c2b6a3eb
x-transaction: 0039d0cb000192c3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
166 B 165ms
164ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Fri, 19 Feb 2021 15:38:16 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4e337fc20b510c2d79171168a8c7ded8
x-transaction: 0082e6f60069c8e9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
6 KB 38ms
38ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 15:38:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sun, 30 May 2021 15:38:16 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 59ms
44ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1439059504&_u=aGDAAEABAAAAAG~&z=1348844904

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 61ms
46ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1439059504&_u=aGDAAEABAAAAAG~&z=1348844904

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
266 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&rl=&if=false&ts=1613749096288&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613749096286.565330620&it=1613749096190&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 15:38:16 GMT

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
57 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIn2aBTXId6adWcWq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 19 Feb 2021 15:38:16 GMT
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 wxbvs5zxy7iy.js Show response
js.driftt.com/include/1613749200000/ 285 KB
81 KB 156ms
156ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1613749200000/wxbvs5zxy7iy.js

Requested by

Host: blog.checkpoint.com
URL: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a3a433e3ff2e83c89eca0b42cc23fe9a748e8030344e62345e25e5cfa726b179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IGQfTHzaIAETuH7LJdY6TRnD2mR8sXcM
content-encoding: gzip
etag: W/"41c8c1658fc90656e888fd4975d1f7a1"
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 14:30:44 GMT
server: nginx
date: Fri, 19 Feb 2021 15:38:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AE2uXgv0ZHHSNYb5kLr5p4uAb1N5xOQcrahzfhijYopXP0xDwdE1LA==

GET
H2 200 core Show response
js.driftt.com/ Frame 7992 3 KB
1 KB 148ms
147ms Document
text/html 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1613749200000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

632378f8882b4deedc70304702931d082d30b27ffc870377215f682f693058fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 19 Feb 2021 15:38:21 GMT
server: nginx
last-modified: Fri, 19 Feb 2021 14:30:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: o8gc9m2eszOd_peRum2oCtYOI.m2H5ZQ
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
content-encoding: gzip
etag: W/"a377553bd6dd6f7c56c0742934c5de80"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: WAVbanUlvYKq-1NSPmpHRiSJ5VINz-rF_oSd05u014DzMMNbFtqJ5Q==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 570D 3 KB
1 KB 350ms
349ms Document
text/html 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1613749200000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

632378f8882b4deedc70304702931d082d30b27ffc870377215f682f693058fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 19 Feb 2021 14:30:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: o8gc9m2eszOd_peRum2oCtYOI.m2H5ZQ
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 19 Feb 2021 15:38:21 GMT
cache-control: no-cache
etag: W/"a377553bd6dd6f7c56c0742934c5de80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 7wJVimuoSgI6bnvye2Ua70RZz35eq9Xi3W5nI74nrQyI8fOor3g1mA==

GET
H2 200 runtime~main.b9f2898b.js Show response
js.driftt.com/core/assets/js/ Frame 7992 5 KB
3 KB 34ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

434fe19dba6251d8b3eda363d42573d066814efa8069a2813bceb09cb93b7cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 18:02:07 GMT
content-encoding: gzip
age: 77774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 16:40:14 GMT
server: nginx
etag: W/"902f94b131027e46b0d49e855b1e19e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FDhm.cTe_61licKvxszdrjAdhK4Bfh66
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -g59rBJxC1LuURvcVKQrsquHyK6lRVOJsqLwiLoFpVi3r25LH5yO0A==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 40 KB
12 KB 34ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EAw81v5LGEPk3kMeMMkNwSH0mzXiiQxP
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aFh9nrvLY7aYq1Ma58kHgEjbDY8M6hPe6wE0EYkqWUjY7po3DFsYEQ==

GET
H2 200 22.c3832689.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 42 KB
12 KB 34ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.c3832689.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:20:27 GMT
content-encoding: gzip
age: 1174674
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"2b69413df831a59bc270b140595f3bee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iMEU9wUKynYc7wphCZL7mwA6w7CPcuFS
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KlHHh3CEs8H_9WrUfmc5eGG63ZzRtLld2GLfFtQ27vEUt8P2cBzZTA==

GET
H2 200 13.a9247e5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 70 KB
21 KB 34ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a9247e5d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 03:47:32 GMT
content-encoding: gzip
age: 1857049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Jan 2021 22:54:33 GMT
server: nginx
etag: W/"905ca25975ecfcc9b76946365bc9cd59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VuhVz5c7IL2_3PBsS5Fx124ohSHZgK7i
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o5tbjFbs2b8s9hbNrYaALlPr2GOLq3_m1-ZUOrpKN20xgFNubnBnwA==

GET
H2 200 29.69384517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 48 KB
15 KB 37ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.69384517.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70bedf6699398da0f7fa3be459809c0701fe7de1de2e4fff0718be5f65600db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:30:19 GMT
content-encoding: gzip
age: 1174082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"a4be40481b3d6f225b9f914e9d1e2d0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: stuRfcIcwvNZqy8u880991iTue6.9S3G
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BFqHDo_ynd_4jqhfWK2rjntFFLfY9IvzhcdbrUCnr9dxkZYzxx9ibw==

GET
H2 200 12.8c7dd5ee.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 29 KB
8 KB 37ms
34ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8c7dd5ee.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 02:32:54 GMT
content-encoding: gzip
age: 5317527
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:56 GMT
server: nginx
etag: W/"0c6be271de03c613b6960dfc110e6734"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fkwP.MyvV55CD0Yn65OIykQI.uiiY8AV
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3yTi2-IgP7fWKN5TlVgxpaCfP3f3_JT-od1h_IJL_p5FeDjRo3Mk3Q==

GET
H2 200 15.ba891359.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 39 KB
10 KB 37ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.ba891359.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 19:05:12 GMT
content-encoding: gzip
age: 4134789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 20:31:28 GMT
server: nginx
etag: W/"c35bc9563c8d6e811ec2f39f529dc431"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ft1RZzs2RlELxQVxEKi_iVLKgdyfxiQI
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H1Ju0cpr-Ix0gg7WvKkadnTWBcxj02qeLXG6J7Skddz0qJiw4aW4AA==

GET
H2 200 35.9da4441f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 52 KB
18 KB 44ms
40ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.9da4441f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"9abfc23518ff7d358e25cade17a2d86e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _lbAnh63N8Vikh80Sq4Nw1aKPaognb75
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rByOQMopfS2DZBzkK-7D6HLib3aOgpmh4ir1qTR6Lzb9edAyPNh_ig==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 24 KB
10 KB 44ms
41ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"95f111c83ae06bebf035d1b81b96b8c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CIH6MZsH0cUT9Za5GWuXvAlyqbVcYkhn
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u-50wwYETnz-cVenG9VrZt6VlZV3Z7u4qfShko3VsoFBrQalB02zTQ==

GET
H2 200 8.b94e6c9f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 60 KB
21 KB 44ms
41ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.b94e6c9f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 04:30:42 GMT
content-encoding: gzip
age: 5224059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:57 GMT
server: nginx
etag: W/"367141ca772a2b6bf33a53efb589a530"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tOaT9q.bYa0NDfeX00pCfIUE0OBq0zVu
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u3EyQFhKQ0XJDxnGDJyfmKCKwKo0ZCrEVc8ASDHyuasg8s89t2bzcA==

GET
H2 200 main~493df0b3.b9402cb4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 20 KB
7 KB 51ms
48ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.b9402cb4.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1cd351f07deee99fcd89ece5c143f930e79faf83eb0111ef9b0ac1492e288277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 22:16:23 GMT
content-encoding: gzip
age: 235318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 21:33:15 GMT
server: nginx
etag: W/"c0bae371615a8842bc97f3f4f26f1a1e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G56f3Sl0CWNba70DI4sS89QRWddGg3Eb
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9yjbN1AmNqCOmYxxoEhf7yrrz1GkEpEg2sJ5Zs07L0QgmICKOg-NJA==

GET
H2 200 main~970f9218.c912c1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 55 KB
15 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.c912c1f6.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9592fbb76544dd3b7449d3ad39a9d1b691584b14675e2325de7392205b7dc365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:39 GMT
content-encoding: gzip
age: 152502
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:36 GMT
server: nginx
etag: W/"f047b4a5076660d97fd87c814f065760"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ok8xN1FuIPD0pJESuPOSMcidmkp5LF_O
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kQJp_CKSH4LrHin8shd7-F2ryq2yBWlQ5u5BdrjhnP1VXA2ydv1dmQ==

GET
H2 200 main~89e24786.3ed88b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 60 KB
16 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.3ed88b02.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

561bd9c53c0cd183e39118e06a10dd7676276fab2c45cfa9175b9c6ab0e2fc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 14:41:12 GMT
content-encoding: gzip
age: 262629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 14:19:45 GMT
server: nginx
etag: W/"9146f31f8d36dd8820691612fb19bc03"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XN.3GU5xJ71KodVRZo3vXFLYAq9wqZyn
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9ZABEdjY3e72IkCq6sS6gYALNaa_mz9G_BAYB6ZGUqMQ1aJYUT_lrQ==

GET
H2 200 main~53ca99a6.78b27197.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 26 KB
9 KB 53ms
50ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.78b27197.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

231496e6ecc9c041e3dba03fc970d30ce4ac42eedb2531d77e32f4aca2240d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:30:34 GMT
content-encoding: gzip
age: 4067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 14:18:50 GMT
server: nginx
etag: W/"a8e5a2ef51eddbfbe26e7131cefcd908"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9vd3oNSGQFjtCi6jhhAdj2JLKKy0HqEa
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GrEKy8vfZ135fPbApdsLFwtbFgVau-60PSmKgzXRjag4UF3WOi8REw==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 6 KB
3 KB 31ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2wmc_g1sJQm0RiJ0g19HCc8BGtWoHqOS
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xzngUAg9LpqR4Yv2_DjMTdP3ElyjNt_UIyP-KE563P6hGaFdt0BpXA==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 107 KB
34 KB 31ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 1584551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XImzbX4QeyRth2FW3byT1tiHi8FQy9uzZ_kNLlRTivGuTOdDp6xm0g==

GET
H2 200 26.91e0f92d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 27 KB
9 KB 37ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.91e0f92d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 03:20:04 GMT
content-encoding: gzip
age: 1081097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"2203aa06cd7f5410d671168ef758e8ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OoaWZm1JNNF5o1d9m91mF5z6Xw28aaWQ
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R7S_UQj-AVOa2KfoTxlnn1dB9i8wj1kDl0HBqWWWJYswvysskGBriQ==

GET
H2 200 32.b2022ac6.chunk.css
js.driftt.com/core/assets/css/ Frame 7992 2 KB
1 KB 33ms
32ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.b2022ac6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c971a32a3759287ab329ba60bb25cb1624df30a4e1d903e8180a069f1a96a016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:37 GMT
server: nginx
etag: W/"b5b5d5cae0f45626369bc74509ca521b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _D60totf6sad7py_p3H3ihc_oeGiPAfP
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8QQIQYQJfRlAWGtNMS9aUkkz8Pd9fWQFiOFRwLjBFbeLDMhLKfxjDQ==

GET
H2 200 32.006d9a64.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 5 KB
2 KB 35ms
34ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.006d9a64.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a20dd690bb8b873e65040ac190e289a3c2d6c4debee865f4619f306cf2c9544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 18:20:29 GMT
content-encoding: gzip
age: 767872
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 16:07:16 GMT
server: nginx
etag: W/"e75834d1c478af776c281151aa135393"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aAyVtfRdt4J4u0lrxoSzzhFObOhQBbOZ
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DZ4aGOtCn3uXIDMbmV4s_TEqT2MkK3yrv2QE0-gp2iRDZR7FbH3O2g==

GET
H2 200 runtime~main.b9f2898b.js Show response
js.driftt.com/core/assets/js/ Frame 570D 5 KB
3 KB 33ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

434fe19dba6251d8b3eda363d42573d066814efa8069a2813bceb09cb93b7cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 18:02:07 GMT
content-encoding: gzip
age: 77774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 16:40:14 GMT
server: nginx
etag: W/"902f94b131027e46b0d49e855b1e19e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FDhm.cTe_61licKvxszdrjAdhK4Bfh66
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N6nJBuFnLhLizXVbMW2xqyH_T0hkQshOt_VPp9AScYePlXiSb-UuKQ==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 40 KB
12 KB 35ms
25ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EAw81v5LGEPk3kMeMMkNwSH0mzXiiQxP
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PZesTxs1wHj0co16KUtJcImbkbqK0a6e3ZD6RxSfaLjtXu9Sj4hbZQ==

GET
H2 200 22.c3832689.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 42 KB
12 KB 34ms
25ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.c3832689.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:20:27 GMT
content-encoding: gzip
age: 1174674
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"2b69413df831a59bc270b140595f3bee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iMEU9wUKynYc7wphCZL7mwA6w7CPcuFS
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: brJwVOrUVWE04UAXpEslo90mS6e7i0tZfniOsbxIMin5Fl00wB4SmQ==

GET
H2 200 13.a9247e5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 70 KB
21 KB 40ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a9247e5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 03:47:32 GMT
content-encoding: gzip
age: 1857049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Jan 2021 22:54:33 GMT
server: nginx
etag: W/"905ca25975ecfcc9b76946365bc9cd59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VuhVz5c7IL2_3PBsS5Fx124ohSHZgK7i
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wgbelxy7sAl_50IbyKeuO8Bf4ItwGNIMJkWm4GaEAPF9elC1fhvYJQ==

GET
H2 200 29.69384517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 48 KB
15 KB 40ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.69384517.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70bedf6699398da0f7fa3be459809c0701fe7de1de2e4fff0718be5f65600db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:30:19 GMT
content-encoding: gzip
age: 1174082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"a4be40481b3d6f225b9f914e9d1e2d0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: stuRfcIcwvNZqy8u880991iTue6.9S3G
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mi7RgNjo8iB7SB-ZM51Xu8GdmDdV2oHI9DzmPwf1b95JkHwX0CMwwg==

GET
H2 200 12.8c7dd5ee.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 29 KB
8 KB 40ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8c7dd5ee.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 02:32:54 GMT
content-encoding: gzip
age: 5317527
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:56 GMT
server: nginx
etag: W/"0c6be271de03c613b6960dfc110e6734"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fkwP.MyvV55CD0Yn65OIykQI.uiiY8AV
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D6VthFeute3nQNfuyXr8TzH1ZR3Qrhdqm8Sv2qYoEh1kr_e3LJCdBg==

GET
H2 200 15.ba891359.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 39 KB
10 KB 41ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.ba891359.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 19:05:12 GMT
content-encoding: gzip
age: 4134789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 20:31:28 GMT
server: nginx
etag: W/"c35bc9563c8d6e811ec2f39f529dc431"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ft1RZzs2RlELxQVxEKi_iVLKgdyfxiQI
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NJJKeZVHfw4_iv7kshtf53m0R-c-8Re8-gUDt4L9u708aYN8htqRXg==

GET
H2 200 35.9da4441f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 52 KB
18 KB 35ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.9da4441f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"9abfc23518ff7d358e25cade17a2d86e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _lbAnh63N8Vikh80Sq4Nw1aKPaognb75
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y1sixktrTngVQtXBW-iSioHJca3aj-Uj-pHhtQVbJEpblmOmbZBv9Q==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 24 KB
10 KB 35ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"95f111c83ae06bebf035d1b81b96b8c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CIH6MZsH0cUT9Za5GWuXvAlyqbVcYkhn
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t-TE4K_ZyMtHQHLGxaKk7HXfS3BAY4aKvqiroMI_wcqI2evD7zV3ng==

GET
H2 200 8.b94e6c9f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 60 KB
21 KB 35ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.b94e6c9f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 04:30:42 GMT
content-encoding: gzip
age: 5224059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:57 GMT
server: nginx
etag: W/"367141ca772a2b6bf33a53efb589a530"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tOaT9q.bYa0NDfeX00pCfIUE0OBq0zVu
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7T4EpQ7Jic2XXye4lgIJpwXh8Xiz1ElVDk7yx0KsM6cOg1kMzqMhgg==

GET
H2 200 main~493df0b3.b9402cb4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 20 KB
7 KB 35ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.b9402cb4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1cd351f07deee99fcd89ece5c143f930e79faf83eb0111ef9b0ac1492e288277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 22:16:23 GMT
content-encoding: gzip
age: 235318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 21:33:15 GMT
server: nginx
etag: W/"c0bae371615a8842bc97f3f4f26f1a1e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G56f3Sl0CWNba70DI4sS89QRWddGg3Eb
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LcSLv7uWmb_MOJZTHI-W6a3nV7oBz12Cw52JSQEGnscEelB-12x-Gw==

GET
H2 200 main~970f9218.c912c1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 55 KB
15 KB 56ms
54ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.c912c1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9592fbb76544dd3b7449d3ad39a9d1b691584b14675e2325de7392205b7dc365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:39 GMT
content-encoding: gzip
age: 152502
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:36 GMT
server: nginx
etag: W/"f047b4a5076660d97fd87c814f065760"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ok8xN1FuIPD0pJESuPOSMcidmkp5LF_O
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3l9I9ZmC1M24M9PW9BxMmFnDbE19cEzWFrGvOfIpDuNV-eMoTjXIfA==

GET
H2 200 main~89e24786.3ed88b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 60 KB
16 KB 57ms
55ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.3ed88b02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

561bd9c53c0cd183e39118e06a10dd7676276fab2c45cfa9175b9c6ab0e2fc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 14:41:12 GMT
content-encoding: gzip
age: 262629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 14:19:45 GMT
server: nginx
etag: W/"9146f31f8d36dd8820691612fb19bc03"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XN.3GU5xJ71KodVRZo3vXFLYAq9wqZyn
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OX0eug7lBzsoV6zguDhuSa9z8j9GEDt3tz8AvKqRKfCk_0O7VmOQqQ==

GET
H2 200 main~53ca99a6.78b27197.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 26 KB
9 KB 57ms
55ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.78b27197.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

231496e6ecc9c041e3dba03fc970d30ce4ac42eedb2531d77e32f4aca2240d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:30:34 GMT
content-encoding: gzip
age: 4067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 14:18:50 GMT
server: nginx
etag: W/"a8e5a2ef51eddbfbe26e7131cefcd908"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9vd3oNSGQFjtCi6jhhAdj2JLKKy0HqEa
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bzWGv1Oa2yn2CTShll32ByrzTkJL5DLyRKE3d48A_boZTEAPO1ohxA==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 17 KB
6 KB 43ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 17:42:08 GMT
content-encoding: gzip
age: 2930173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jan 2021 19:56:33 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: r97FBKq4A2eeWAaHI7VPTagYqB2DAcb2
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vSsheyBsGoZewX2hSfcIrgIWFVYpA42LvVnm3Lf9o9QiEvww_gbquA==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 68 KB
20 KB 40ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 01:42:14 GMT
content-encoding: gzip
age: 5493367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Dec 2020 20:31:46 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .sPeXfLK_8JEbD_qGWPgYOc4wzXvt6Lj
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bRQJdRn5akucoMQrjmaTLMYDludyAIBtVqvBZyJlFtYi1CRGCn_F7g==

GET
H2 200 28.f9670e37.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 42 KB
12 KB 40ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f9670e37.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

45fe1a3f8f9f78ac64a025b533edd3296325b88ac638c78e23836e85414cb66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:40 GMT
content-encoding: gzip
age: 152501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:34 GMT
server: nginx
etag: W/"f180a9c22af2d95df2ffc6944369b038"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IA1L1yp0sXLW7dRNSZ.4dN8OwTXpaNlP
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vGjiNRnDFvDjih1VK45icUccoPcbNWexPhwEyBDtGN7dQZsj95mxcQ==

GET
H2 200 2.497d9c43.chunk.css
js.driftt.com/core/assets/css/ Frame 7992 1 KB
1 KB 37ms
29ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.497d9c43.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 20:43:55 GMT
content-encoding: gzip
age: 6029666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 20:38:09 GMT
server: nginx
etag: W/"53a4a9c8842e24b41fd0229969b6d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ci7FvwCbkXnjWoCgl2UCI.a_wtnefPsY
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -E43YLSsklTQFwXYsez_qURUsRrI_txjYsgSjVIJUSODPz8Gd5O1Gg==

GET
H2 200 2.09b98f9c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 27 KB
10 KB 40ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.09b98f9c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ffad15e5be7fe37aad70f67d7e36756dbf7a13823b219fc82413cd11d5c805c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 18:20:29 GMT
content-encoding: gzip
age: 767872
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 16:07:16 GMT
server: nginx
etag: W/"9c1e373b75f3d932714784f60a9083db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lAKXdL4ZIJYFL0gXhoCjre_TqV1fE_J8
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kYbI27_Jhxwt_gdr97vx181_vzUy-I2aQgTQO6FOoO-PSNMPhXVHOg==

GET
H2 200 25.02e62d23.chunk.css
js.driftt.com/core/assets/css/ Frame 7992 8 KB
2 KB 38ms
30ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.02e62d23.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 14:58:50 GMT
content-encoding: gzip
age: 88771
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 14:27:58 GMT
server: nginx
etag: W/"4a7ea3158114815c3ce4a439e64bb20f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KU6XFS_YxAtnBlsAldU1clPlI0WqvkeV
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N5afG4NFv-YTBFYdl9Fb7KAF44NRqVRAIwY93j_GORVUzlmTauui2g==

GET
H2 200 25.f8056011.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 65 KB
19 KB 38ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.f8056011.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

905939e10c5d4c4c3c5440d21a821e33b07c54fbaa39b3fc45bcf26d0bee56ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 18:02:08 GMT
content-encoding: gzip
age: 77773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 16:40:13 GMT
server: nginx
etag: W/"fbc4e4c9fcbac43c65fdf910900b131b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tIchTn1UNd8eNjE19BmHcnmxucedJevR
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SRDc0xV8PrFI4nQIpQ5LqnqR_qPy6uKZaOReyPvnzqyniOEb0zBLiw==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 6 KB
3 KB 32ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2wmc_g1sJQm0RiJ0g19HCc8BGtWoHqOS
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tTnEm-GovJxpfnI5i5JTjngeumDJzyx6vA-GZaFO2SrA73RRoou3_w==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 107 KB
34 KB 41ms
39ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 1584551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5I-u6bxPeUwuRDkCDgp7Un7GtuVvUmClTvYh9qO1UF2llrD95n3W8Q==

GET
H2 200 26.91e0f92d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 27 KB
9 KB 41ms
39ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.91e0f92d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 03:20:04 GMT
content-encoding: gzip
age: 1081097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"2203aa06cd7f5410d671168ef758e8ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OoaWZm1JNNF5o1d9m91mF5z6Xw28aaWQ
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bmuv8xHBRRN21OAh3-BdQYCsE6q0kRYVxZluiziZTvbIDJouXdSA4Q==

GET
H2 200 32.b2022ac6.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 2 KB
1 KB 41ms
39ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.b2022ac6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c971a32a3759287ab329ba60bb25cb1624df30a4e1d903e8180a069f1a96a016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 3869939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:37 GMT
server: nginx
etag: W/"b5b5d5cae0f45626369bc74509ca521b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _D60totf6sad7py_p3H3ihc_oeGiPAfP
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kSohG32vxkxsswW0kdMwnqrK-7v5sQq7aBBYR40Mh6aOHdkOjwDahA==

GET
H2 200 32.006d9a64.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 5 KB
2 KB 41ms
39ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.006d9a64.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a20dd690bb8b873e65040ac190e289a3c2d6c4debee865f4619f306cf2c9544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 18:20:29 GMT
content-encoding: gzip
age: 767872
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 16:07:16 GMT
server: nginx
etag: W/"e75834d1c478af776c281151aa135393"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aAyVtfRdt4J4u0lrxoSzzhFObOhQBbOZ
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k6sQgrL-dPdyVysRZfdsfqCu8EcgmFjfU8UIOh2IdsstsCfn-m6nFA==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 17 KB
6 KB 31ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 17:42:08 GMT
content-encoding: gzip
age: 2930174
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jan 2021 19:56:33 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: r97FBKq4A2eeWAaHI7VPTagYqB2DAcb2
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oUkjnnX534VrSmvGB2n_dfz1qmQrp9PtSczgDFrT1TAaq7Tp9xtFrw==

GET
H2 200 31.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 6 KB
1 KB 32ms
31ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/31.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:22 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:37 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 00kBpqQtpAQR0DNNTAtG8Mhq_GZzu4Yi
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uWFhBLC_Gr2rcoIZsDnPVXG_z1ZQvJYs2My9paH0xljd8jPlZbi_bg==

GET
H2 200 31.097eee16.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 2 KB
2 KB 33ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.097eee16.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7cc5de02e755067bd3c580c61e3cbe314b42aad5fc2e1a8219a22020048c8caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 02:53:32 GMT
content-encoding: gzip
age: 1169090
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:45 GMT
server: nginx
etag: W/"3812ca4c1f28ecca4240842e05a0c358"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oAFdKDj5aLNhNSbXlzF8QvviPtLEBFZ2
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GeAnvfi1TwxNv_NmNyzLX3LlpMaZzo95e6AcKF0J8vLmJdagDXEYTw==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 68 KB
20 KB 32ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 01:42:14 GMT
content-encoding: gzip
age: 5493368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Dec 2020 20:31:46 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .sPeXfLK_8JEbD_qGWPgYOc4wzXvt6Lj
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0PD7fc66ICKr7mXCN7MXDIFhklJNfcxY2AL9MSwW6mlln-kQZxyjWw==

GET
H2 200 24.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 7 KB
2 KB 32ms
30ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 00:46:24 GMT
content-encoding: gzip
age: 1003918
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:43 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1aSTl_6gyhge2weRQRNW6xkjw517PNux
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HZ8u0Vdilb1OBHzHVJT_UtR1d5NtS1mPqVECJzc3KO9tjYGhh4wXMA==

GET
H2 200 24.d1e2ba0d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 38 KB
13 KB 32ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.d1e2ba0d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8509f8b66ce83784c82b29f557979cee1cdeafcfa4ea5b43e6301700ac1d6332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 07:52:15 GMT
content-encoding: gzip
age: 1842367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 21 Jan 2021 17:01:10 GMT
server: nginx
etag: W/"f2a5c91c1591ed94eeaed7fae317b092"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2AQjxf3nt1nSuxCXbjxVOHBQYs0oqO4g
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QMRDFtVodISzXC7jPNR31fVrujOM9_M5kKWMWTfzb2LvnGCmPjinpQ==

GET
H2 200 20.ec5afb3b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 50 KB
14 KB 33ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.ec5afb3b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16bab25394f47e60db69b3a75ace1574b150a268353e17096619ba5ba96e208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 20:00:58 GMT
content-encoding: gzip
age: 3181044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 19:29:18 GMT
server: nginx
etag: W/"3cd2b5a6bcf9f406aacdee5be662461f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5Cxdr4cExuwQig2nmOEPkyzUenAOM_vh
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8g44cpZsBzfg5Eyb0ZUN5iMNJYBFoGfAE7Duq2CwCu2rm6A_xzIWWw==

GET
H2 200 2.497d9c43.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 1 KB
1 KB 33ms
30ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.497d9c43.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 20:43:55 GMT
content-encoding: gzip
age: 6029667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 20:38:09 GMT
server: nginx
etag: W/"53a4a9c8842e24b41fd0229969b6d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ci7FvwCbkXnjWoCgl2UCI.a_wtnefPsY
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z-bv8KT0rz-CN6mot4wB-gHsTvXo18FUiRYtoXH4InMt9FImhDhg0A==

GET
H2 200 2.09b98f9c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 27 KB
10 KB 35ms
32ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.09b98f9c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ffad15e5be7fe37aad70f67d7e36756dbf7a13823b219fc82413cd11d5c805c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 18:20:29 GMT
content-encoding: gzip
age: 767873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 16:07:16 GMT
server: nginx
etag: W/"9c1e373b75f3d932714784f60a9083db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lAKXdL4ZIJYFL0gXhoCjre_TqV1fE_J8
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v2lpGF13NDh30yrxtITZsB1mkeFhFoZqMDlj9vyaFeqbNoIFF0pD6w==

GET
H2 200 23.401111da.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 11 KB
3 KB 34ms
31ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.401111da.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21a7fd6ffd2b55bfa0ccf4acfd4d9cc37e78151ce5cb9e65b2d665baafab02af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 21:31:49 GMT
content-encoding: gzip
age: 583593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 20:45:19 GMT
server: nginx
etag: W/"fd9003fd2c8558fd680914f594d24a3c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iZ_edPNL4zjllLQDBErmUJN6_5HVa15E
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rLpaptR0cBPA8GZtIN-x9ETQOu8gORGpU6CnveGKQtiRzFdaAF2FHA==

GET
H2 200 23.fbdaee67.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 18 KB
7 KB 37ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.fbdaee67.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0486c39e353bf2ff557435db02cf4cfc83122e6831164d21c7ca0d28d82f0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 22:16:23 GMT
content-encoding: gzip
age: 235319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 21:33:14 GMT
server: nginx
etag: W/"ef7e6eda4aed07e10a9c8eb60a9a7c3f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 64Pddf4_k6UTVg8MFleZRvuRbWIlJDJr
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l-rOwvdVJR67IPgUScZ32n8ATPWeYcmXSFRTBsUeeBSgi0miT7jXFw==

GET
H2 200 17.32f9cabf.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 10 KB
3 KB 33ms
31ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.32f9cabf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6089b789ee60ea0cc2d4516759ff40956d494f13ad6d4bc4d2ed1367e954dbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 01:13:45 GMT
content-encoding: gzip
age: 224677
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 16 Feb 2021 21:33:12 GMT
server: nginx
etag: W/"abfbfd1c01b16d22d1a4bd5284d3669e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NWMssxgG80yVfxqzaO5sV9Ibi18wjQvY
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R0XnsPkYJmxlSUTfRUwL5JcjxUFOn_CeJG-4SPcbAjS-cyHX1WUU_A==

GET
H2 200 17.bb56e385.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 16 KB
6 KB 33ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.bb56e385.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9e4aa4bb65b0fa3d56599549c7ccaf028e67a775ee3b9688138f746d665e48c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 18:20:29 GMT
content-encoding: gzip
age: 767873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 14:58:59 GMT
server: nginx
etag: W/"1f6de171da92edf5af58a4ed9bc36990"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5dPUHdKI7785pMF39gjxsuetXgiGJUd2
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O6OU0XNDNtCcSjwA5qT1oHDUmcTWgpRx9dRM6RoJvSN0c99GffXR9Q==

GET
H2 200 14.12bcd259.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 34 KB
6 KB 34ms
32ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.12bcd259.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

087e95926b63c83294bb1a7919e8ecf1bad093eca795e57bc12a8c696bb993d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 20:28:31 GMT
content-encoding: gzip
age: 3006591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Jan 2021 19:56:32 GMT
server: nginx
etag: W/"03b81cd9ae9e0a2b70726e351907ba28"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AD1q2Zr0aDhaVsVxT1c9EfECujNUShw3
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6_jZ9mwA9i0c6o04iUstHULutG-F92cv87vK32UpT2k6liWkyfE46w==

GET
H2 200 14.f0530558.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 62 KB
19 KB 33ms
31ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.f0530558.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fe5c4b62d0b7a4429288cfeac4eb9dc0af798c92dfa209fbf2dd8ec07ea17805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:40 GMT
content-encoding: gzip
age: 152502
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:33 GMT
server: nginx
etag: W/"bdbcdaf7b364c6c5daffeac91ae904e7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wW5Rhdvh4xVrUrzSQpkoKtTN3RhVj81l
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vHyj6m8Zhs_iOOtt-g351RRcVf96JYsLIR1WDUWfI3U9_xpqXyIKZw==

GET
H2 200 19.eed687e7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 18 KB
6 KB 34ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.eed687e7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0d65fd1a759aa03d88bcaca83188fe7156e8218a637632fb8f5b16b57a100ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:40 GMT
content-encoding: gzip
age: 152502
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:34 GMT
server: nginx
etag: W/"04caf7cc22251c33c264889e7cf526c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vo75mIGs900CFE1J940mnKGk5jnDVEHp
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 09ep-21-zDxeX9tnsR_dP0lfWchN4D48NxCvVDky4qhY36ffGLDOYw==

GET
H2 200 27.51e30a41.chunk.css
js.driftt.com/core/assets/css/ Frame 570D 10 KB
2 KB 33ms
32ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.51e30a41.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8981397ca0b967449e9e9208109a2762f25d0edf7d7e458788592b6438e5fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 05:27:35 GMT
content-encoding: gzip
age: 555047
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 18:51:23 GMT
server: nginx
etag: W/"d70456ae6ec3d990da312845907053b4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6BajYYGdno3x7VuZKpcyAuH4fDYnf7G_
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zsGa_O6hE1sSNjKWHJmJUtAf5BXiNjUHjnmWyGawtvSRzg0V7AK-AQ==

GET
H2 200 27.7148da50.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 16 KB
7 KB 34ms
33ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.7148da50.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2e64f86d927e66f30c7ecd40a6e8724cd4c2c92651f7f98ff8921e267a0390b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:40 GMT
content-encoding: gzip
age: 152502
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:34 GMT
server: nginx
etag: W/"f1c37fc97ae0d436aeb01046a00487e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SbI.Qq.wl1n.brG3PZtW9Ed1TGbsm5yn
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7gggiGtKdhiaBClYUlqWBydacikOHs1LSU1-B4_lWiMVftiteX-VDw==

OPTIONS
H/1.1 200
OK v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 126ms
126ms Other
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

HTTP/1.1

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:22 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift06742bb4ddfb1b0ab6a670acece
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 wxbvs5zxy7iy.json Show response
embeds.driftcdn.com/embeds/ Frame 7992 33 KB
9 KB 423ms
422ms XHR
application/json 65.9.69.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/wxbvs5zxy7iy.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fed83f95fb4ab20272a8432fa4a2f154f53ab2a808c2b8ed7afdc4704e8bb7ba

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 14:03:19 GMT
server: AmazonS3
etag: W/"e89c7a6e445aae295b7f10a1515fd55c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: CTaiWQr4FRgGismIEdVSvSGdANXsCOLybtwz3aH2G1yxcrY4MIKCug==

POST
H/1.1 200
OK v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 7992 25 B
697 B 141ms
141ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:22 GMT
server: istio-envoy
requestid: c888d363605b1792
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7992 17 KB
6 KB 31ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:22 GMT
content-encoding: gzip
age: 3869940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JX5GGfxDlAIFFwI.09gLd6L1Tu2Y1bUr
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YyLXqBt5tc03BKdnF3KiLDyTFcDjhYjv1Md8O6eAsSCFAYpo-Vs1zA==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 7992 5 KB
2 KB 689ms
689ms XHR
application/json 52.22.71.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.71.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-71-46.compute-1.amazonaws.com

Software

Resource Hash

c0945a42fb2ab8c55ed279696d588135de31f9fd5c119a98d4f0cfde60a2d0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-encoding: gzip
requestid: ec748ec773670439
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1968
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 wxbvs5zxy7iy
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 124ms
124ms Other
text/plain 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/wxbvs5zxy7iy

Protocol

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: HEAD,GET,OPTIONS
requestid: drift3aa2aee4c719c1f7830c6c68c3b

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 125ms
125ms Other
text/plain 18.205.49.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

18.205.49.143 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftc0110994a6fa8fa1eb628627c88

GET
H2 200 wxbvs5zxy7iy Show response
targeting.api.drift.com/hours/availability/combined/ Frame 7992 60 B
504 B 141ms
140ms XHR
application/json 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/wxbvs5zxy7iy

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

38b2616b8f0c1d4af21bcb887138390ad92cb12816997455a1d1206854269a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
requestid: de9b94d91d9a6c14
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 60
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 track Show response
event.api.drift.com/ Frame 7992 716 B
1 KB 126ms
125ms XHR
application/json 18.205.49.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.49.143 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a8758e5df50a6d5a571f4d7eeb314647f81e0a586efc36e387e6dd48f4ca2b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
requestid: 5db9ca5070c1e62e
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 716

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 570D 17 KB
6 KB 31ms
30ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b9f2898b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:22 GMT
content-encoding: gzip
age: 3869941
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JX5GGfxDlAIFFwI.09gLd6L1Tu2Y1bUr
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5C6kQONrdwXeePc6m5Vsrz4a4MjXhRDoJlT1dR1_eERbnvU9CdF21g==

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 7992 598 B
792 B 128ms
128ms XHR
application/json 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

03eb9361cfa970450df6361943024b9f960d5be021123e13b44491531e16c756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-encoding: gzip
requestid: ec91af91dcfc4f6c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 331
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 125ms
125ms Other
text/plain 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:23 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift91b10a34763b8415b973985234a

POST
H/1.1 200
OK render_initial Show response
flow.api.drift.com/flows/ Frame 7992 3 KB
2 KB 161ms
159ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8e0ca7e75bee0aa5b181ec05c53501bd336909c76a1d1d539777e6807d189c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
content-encoding: gzip
server: istio-envoy
requestid: 527862369aaf5b85
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1831
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK render_initial
flow.api.drift.com/flows/ Frame 0
0 514ms
129ms Other
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Protocol

HTTP/1.1

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftc78cb6f4223a08f8ae18a25262c
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 362ms
357ms Other
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

HTTP/1.1

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift7aa0c294db8b1ae3dbf02b3aca2
content-length: 13
x-envoy-upstream-service-time: 234
server: istio-envoy

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 7992 25 B
697 B 139ms
139ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
server: istio-envoy
requestid: cf72f3dfac1e81ef
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 125ms
124ms Other
text/plain 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftcbaa09c4cac8c841c5cd5c617ce

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 7992 0
392 B 135ms
135ms XHR
text/plain 100.24.186.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.186.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
requestid: driftf3449bf4f51819b4d1a4c252ffc
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1841818%252Fd4519a1340e418d6d3aa7622549d75e8eka3ccta6swz%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame 7992 3 KB
1 KB 27ms
8ms Image
image/svg+xml 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1841818%252Fd4519a1340e418d6d3aa7622549d75e8eka3ccta6swz%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Dbe0f16a427261f657959aca020697922?fit=max&fm=png&h=200&w=200&s=acc74a6db707f3b4ce9498b82276fc32

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1bea7b5a974337a25883b38d0994c55ddc0835085a09d395809cfa32b8e24355

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 06:10:44 GMT
server: imgix
age: 2376887
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 5ed9a757e8e5fc73324669f2f21dafacae147f58
accept-ranges: bytes
content-length: 795
x-served-by: cache-sjc10079-SJC, cache-hhn4031-HHN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1229363684&gjid=1957770230&_gid=1900904943.1613749096&_u=aHDAgEABAAAAAG~&z=1364105177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 15:38:24 GMT
content-type: text/plain
access-control-allow-origin: https://blog.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1714741684&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblog.checkpoint.com%2F2021%2F01%2F07%2Fdecember-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat%2F&ul=en-us&de=UTF-8&dt=December%202020%C3%83%C2%A2%C3%82%C2%80%C3%82%C2%99s%20Most%20Wanted%20Malware%3A%20Emotet%20Returns%20as%20Top%20Malware%20Threat%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202196839&_u=aHDAgEABAAAAAG~&jid=1229363684&gjid=1957770230&cid=1293967176.1613749096&tid=UA-194688-3&_gid=1900904943.1613749096&gtm=2wg2a15JCRGP&z=359252961

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 08:36:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25324
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1229363684&_u=aHDAgEABAAAAAG~&z=1431370977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-194688-3&cid=1293967176.1613749096&jid=1229363684&_u=aHDAgEABAAAAAG~&z=1431370977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:38:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 notification.d46d7db1.mp3
js.driftqa.com/conductor/assets/media/ 20 KB
21 KB 1163ms
906ms Media
audio/mpeg 54.197.143.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftqa.com/conductor/assets/media/notification.d46d7db1.mp3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.143.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 19 Feb 2021 15:38:25 GMT
last-modified: Fri, 19 Feb 2021 15:16:10 GMT
server: nginx
access-control-allow-origin: *
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
Content-Range: bytes 0-20896/20897
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20897

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 7992 25 B
696 B 127ms
127ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&forceShow=false&skipCampaigns=false&sessionId=589a7f66-b874-4479-9027-1b5d53dbc13d&sessionStarted=1613749101&campaignRefreshToken=4d4b1810-c438-4d95-96c5-659e0934b893&pageLoadStartTime=1613749095028
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NjcwOTA4ODk0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzMTkwNCIsImV4cCI6MTY0NTI4NTEwMiwiaWF0IjoxNjEzNzQ5MTAyfQ._fQ59mBM_7jsIgNOrJnCqq4BVuRQVIXrOsr0mD28bpQw4F4rIxsT7KEDLFCvZuMFkqWQJZCMcQhr95e-WMuN9w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:38:27 GMT
server: istio-envoy
requestid: 955cbf2f4473adbd
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 127ms
127ms Other
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

HTTP/1.1

Server

34.193.113.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:38:27 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift6d81f2b402b91dfca7c194a5019
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.checkpoint.com/	1970-01-19 16:16:03	Name: _gd_session Value: 46dd95cd-faad-4d4a-8f3b-7cffa66f73d4
blog.checkpoint.com/	1970-01-20 09:47:01	Name: _gd_visitor Value: b43409ec-a31b-41fc-831b-147f2ddf2385
.checkpoint.com/	1970-01-19 16:15:49	Name: _dc_gtm_UA-194688-3 Value: 1
.checkpoint.com/	1970-01-19 16:17:15	Name: _gid Value: GA1.2.1900904943.1613749096
.checkpoint.com/	1970-01-20 09:47:01	Name: _ga Value: GA1.2.1293967176.1613749096
blog.checkpoint.com/	1970-01-19 16:25:53	Name: _an_uid Value: 0
blog.checkpoint.com/	1970-01-20 01:41:44	Name: __atuvc Value: 1%7C7
blog.checkpoint.com/	1970-01-19 16:15:50	Name: __atuvs Value: 602fdb6715dbbcf0000
blog.checkpoint.com/	1970-01-20 09:47:01	Name: _gd_svisitor Value: 825e6cc1e06c000067db2f60a8020000473e0800
.blog.checkpoint.com/	1970-01-19 16:59:01	Name: __cfduid Value: d2ca31d8ef83153da6aed764094379d8e1613749094

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b.6sc.co
blog.checkpoint.com
bootstrap.api.drift.com
c.6sc.co
cdn.onesignal.com
code.jquery.com
connect.facebook.net
driftt.imgix.net
embeds.driftcdn.com
epsilon.6sense.com
event.api.drift.com
flow.api.drift.com
j.6sc.co
js.driftqa.com
js.driftt.com
maxcdn.bootstrapcdn.com
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
s7.addthis.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
targeting.api.drift.com
v1.addthisedge.com
www.checkpoint.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
z.moatads.com
100.24.186.63
104.244.42.131
104.244.42.5
104.84.56.112
141.193.213.21
151.101.12.157
18.158.85.13
18.205.49.143
185.33.220.244
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
23.218.209.154
23.37.35.171
2606:4700::6812:e134
2620:119:50e4:101::6cae:b55
2620:1ec:22::14
2a00:1450:4001:802::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2004
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9d
2a02:26f0:7100:191::25ea
2a02:26f0:7100:48d::38f0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::720
34.193.113.164
52.22.71.46
54.147.21.139
54.197.143.221
65.9.69.12
65.9.96.127
88.221.60.75
03eb9361cfa970450df6361943024b9f960d5be021123e13b44491531e16c756
0486c39e353bf2ff557435db02cf4cfc83122e6831164d21c7ca0d28d82f0ad3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
087e95926b63c83294bb1a7919e8ecf1bad093eca795e57bc12a8c696bb993d6
0d65fd1a759aa03d88bcaca83188fe7156e8218a637632fb8f5b16b57a100ace
0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b
106d46e74162c59758b345b4054bcd34fb8260b8ea1df4e258140d4beb2b7774
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c4c9cb53c7365492633c30c0e6df8a3e4112553dd6115f418c1764982b03eb
16bab25394f47e60db69b3a75ace1574b150a268353e17096619ba5ba96e208d
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388
1bea7b5a974337a25883b38d0994c55ddc0835085a09d395809cfa32b8e24355
1c0ca659d9d1c29eba4fe8e152947a6a0ba2d821a3cff62c71bd5c6ebd468e5e
1cd351f07deee99fcd89ece5c143f930e79faf83eb0111ef9b0ac1492e288277
21a7fd6ffd2b55bfa0ccf4acfd4d9cc37e78151ce5cb9e65b2d665baafab02af
231496e6ecc9c041e3dba03fc970d30ce4ac42eedb2531d77e32f4aca2240d23
2455aa253b20c1d28e86a79f778eebc1e05d932e907f16453539a7afb40beb02
2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789
2adfacd895d2728eba788bdc296afe05b11a4069a0e85fd4ce767ad066e93e8e
2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2
2e64f86d927e66f30c7ecd40a6e8724cd4c2c92651f7f98ff8921e267a0390b3
30581cee80fdc00a20dde03fe67c68d41453254863b15e9aefa09314eb342d2d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
38b2616b8f0c1d4af21bcb887138390ad92cb12816997455a1d1206854269a14
3a20dd690bb8b873e65040ac190e289a3c2d6c4debee865f4619f306cf2c9544
41a4ba79e2aa276562cf5a6183e43b9ee7cbdd41ead98294a5ad8cf222e44337
434fe19dba6251d8b3eda363d42573d066814efa8069a2813bceb09cb93b7cc0
457b4bd3410faf074da387900f87abc1e845269e857219560bce3ead8260d103
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
45fe1a3f8f9f78ac64a025b533edd3296325b88ac638c78e23836e85414cb66d
4698c6c99f8c8bc6e1409eb09881084c69a2601138e4928c2b8d8c415e1769fa
475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2
4878e729dc2835f5b32254c89119f5f2ac4340cd3a7ab095c8412698dce04a07
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4eabdbc55715edcfef23aef35a30d6dc56f207e057c5b81b821f858121bb4a7b
561bd9c53c0cd183e39118e06a10dd7676276fab2c45cfa9175b9c6ab0e2fc32
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5bff1396041d8c04b240f1d9fc415bbef6024f787d6948ff03e3985a04dcd0c4
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5d699e3cc81e47f8c549b9495aed516e4033cf97d3eca4c9fb93a9c73205acc9
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6089b789ee60ea0cc2d4516759ff40956d494f13ad6d4bc4d2ed1367e954dbc5
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62e5ee83717cdbc8480b12e00ffc263a60399b462f88830636dbd495d47f6657
632378f8882b4deedc70304702931d082d30b27ffc870377215f682f693058fd
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
66109913f2822c41c56c88299701fab6e98eacd1c10c2934fc96843e5ce5aad9
6cc8778502a9cc9afbe6850d8c2f9857194ac0bec385df9b5e5ff4b0a7245bf1
6ed6b410b876f3fc5ab6c930a9519f05b5481a1ce615ad59edbf2960dc8cfe76
70bedf6699398da0f7fa3be459809c0701fe7de1de2e4fff0718be5f65600db9
75c13f824c8fb40e9d303e50bd762d11683fcfd4283b79b60cdd2229313f0096
7a0c19b0e6fa699ae972ca0a753028aba45cb5d1105aef74cb9c57192acd48be
7cc5de02e755067bd3c580c61e3cbe314b42aad5fc2e1a8219a22020048c8caa
7d6ba13b690dee4af8ac51913d50f8509c65be9516aa24e2f761b3a1aa96dbd3
7f072dbb779b20cea6866f3f8d398af9cafe418e7e038aa0702feddf741f040c
7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809
7f9e667632eb739b2d6b1bf57ee3ddb298e5358d11c613b571800247a90c371b
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
81cff4cdcbfd3a8ad9c582d403d5591b22d681d83bb75d8e69863ec47462e350
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8509f8b66ce83784c82b29f557979cee1cdeafcfa4ea5b43e6301700ac1d6332
85e1261124306a500f643ac1c5e69c188e0a4c116c330c97c76336fce099ec06
87376e5928e93425145583a4262b7b36b5636b718b222881f308c26ed0a56323
89986ee1be5100e5285a081f0439fe50b96cad37216762d9a015864a80b59df8
8a4d208941a1be2347a5179f041e15cc5098a648d61cd8864dd194e14f4e6d1a
8e0ca7e75bee0aa5b181ec05c53501bd336909c76a1d1d539777e6807d189c2d
905939e10c5d4c4c3c5440d21a821e33b07c54fbaa39b3fc45bcf26d0bee56ee
9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb
90f6554b2da60680d0ae5d782146405c9e15bfe100853c9961c8d3514e7f3c5d
91978ba72d16832987d90ed791f916dd982d721e937be75ce30dce54b91b9e3d
9592fbb76544dd3b7449d3ad39a9d1b691584b14675e2325de7392205b7dc365
971c44f8109a1730354bd08de9ca99378fdd5a50d793d385a30e193a7979655c
9dbfd40b6e7fae7156b00f39e2e8fa6e750ade1afbad9b9a01680edf605a6d3a
9e4aa4bb65b0fa3d56599549c7ccaf028e67a775ee3b9688138f746d665e48c8
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a3a433e3ff2e83c89eca0b42cc23fe9a748e8030344e62345e25e5cfa726b179
a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb
a8758e5df50a6d5a571f4d7eeb314647f81e0a586efc36e387e6dd48f4ca2b0e
a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516
ab1748f07fe3570bcd377c20a4866b343e71f12089b88503c36fb25c83ec32e9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c
b8aaffdb6fd495c82977176b9267b8ff2c4fc68dafaa39cf9497d6ed3a5fd5c7
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
c0945a42fb2ab8c55ed279696d588135de31f9fd5c119a98d4f0cfde60a2d0bc
c4b05f12d91c9f8b7c3bec26e49d7889b53885ed1b08e317e626490cba2c2967
c971a32a3759287ab329ba60bb25cb1624df30a4e1d903e8180a069f1a96a016
cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283
d02f35d0199626147d0633f8eb18fb166f1798469f3313d8155748ace9e9071d
d245d96784beee8a8652270aaa63264158ef3a6aae0c4f76d051ee14c4de7d98
d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3c752702f2c1b250d8511352d7c4cb49716abad7428e56c11bbcedf73a20f8
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94254d5bbf438f17a36a65b4aedddd782a277ea35cef0be097cc5bfce689877
e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d
ed2034e01f107a980852d8b55bd3056ee7ee09783640aa05f26160c8d115ced7
edd69d6b72e0526da341e3d1011ab739da7d2ea274c799f18488860511b44809
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61fb0eefef9b5b0fd01cda1fdfc30d05fb4f8a7cfb8b65763361fde9ae100cd
f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c
f8981397ca0b967449e9e9208109a2762f25d0edf7d7e458788592b6438e5fcc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32
fe5c4b62d0b7a4429288cfeac4eb9dc0af798c92dfa209fbf2dd8ec07ea17805
fed83f95fb4ab20272a8432fa4a2f154f53ab2a808c2b8ed7afdc4704e8bb7ba
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd
ffad15e5be7fe37aad70f67d7e36756dbf7a13823b219fc82413cd11d5c805c1

blog.checkpoint.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

100 %HTTPS

50 %IPv6

28 Domains

36 Subdomains

36 IPs

4 Countries

1990 kBTransfer

5099 kBSize

10 Cookies

128 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

36
Subdomains

36
IPs

4
Countries

1990 kB
Transfer

5099 kB
Size

10
Cookies

168 HTTP transactions
1 data transactions