go.proofpoint.com Open in urlscan Pro
104.17.73.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Submission Tags: falconsandbox
Submission: On May 04 via api (May 4th 2021, 4:52:58 pm UTC) from US

Summary HTTP 183 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 52 IPs in 6 countries across 45 domains to perform 183 HTTP transactions. The main IP is 104.17.73.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.proofpoint.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.

This is the only time go.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	23.79.155.18 23.79.155.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.202.113 143.204.202.113	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:1abe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE)
2	65.9.84.101 65.9.84.101	16509 (AMAZON-02) (AMAZON-02)
1 3	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
67	65.9.84.68 65.9.84.68	16509 (AMAZON-02) (AMAZON-02)
2	51.140.39.77 51.140.39.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
2 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
13 16	54.78.31.47 54.78.31.47	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.139.246 52.215.139.246	16509 (AMAZON-02) (AMAZON-02)
1 2	65.9.84.34 65.9.84.34	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.84.49 65.9.84.49	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	18.196.184.242 18.196.184.242	16509 (AMAZON-02) (AMAZON-02)
1 2	3.64.28.223 3.64.28.223	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.84.103 65.9.84.103	16509 (AMAZON-02) (AMAZON-02)
1	18.215.11.20 18.215.11.20	14618 (AMAZON-AES) (AMAZON-AES)
2	34.204.215.213 34.204.215.213	14618 (AMAZON-AES) (AMAZON-AES)
2	54.145.60.34 54.145.60.34	14618 (AMAZON-AES) (AMAZON-AES)
183	52

22 104.17.73.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.71.206 (United States)

ASN13335 (CLOUDFLARENET, US)

marketosandbox.perkuto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.155.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-155-18.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-113.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1abe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

visitor.reactful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.101 (United States)

ASN16509 (AMAZON-02, US)

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

4788165.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 65.9.84.68 (United States)

ASN16509 (AMAZON-02, US)

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.39.77 (Swansea, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.chip2gift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:bac8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.28.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.78.31.47 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-31-47.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.139.246 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.34 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.49 (United States)

ASN16509 (AMAZON-02, US)

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.184.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-184-242.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.28.223 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-28-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.103 (United States)

ASN16509 (AMAZON-02, US)

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.11.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-11-20.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.215.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-215-213.compute-1.amazonaws.com

targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.60.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-60-34.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	driftt.com js.driftt.com	739 KB
22	adroll.com 14 redirects s.adroll.com d.adroll.com	31 KB
22	proofpoint.com go.proofpoint.com	837 KB
11	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	6 KB
8	googleapis.com fonts.googleapis.com ajax.googleapis.com maps.googleapis.com	197 KB
7	doubleclick.net 4 redirects 4788165.fls.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
5	g2crowd.com tracking.g2crowd.com	4 KB
5	google.com 1 redirects maps.google.com www.google.com adservice.google.com	3 KB
5	gstatic.com fonts.gstatic.com maps.gstatic.com	127 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	2 KB
4	company-target.com 1 redirects api.company-target.com segments.company-target.com	3 KB
4	google-analytics.com www.google-analytics.com	59 KB
3	reactful.com visitor.reactful.com	106 KB
3	demandbase.com scripts.demandbase.com tag.demandbase.com	81 KB
3	bing.com bat.bing.com	9 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	872 B
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	facebook.net connect.facebook.net	96 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	google.de 1 redirects www.google.de adservice.google.de	978 B
2	chip2gift.com secure.chip2gift.com	1 KB
2	avct.cloud 1 redirects ads.avct.cloud	733 B
2	marketo.net munchkin.marketo.net	7 KB
2	fontawesome.com use.fontawesome.com	87 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	36 KB
1	driftcdn.com embeds.driftcdn.com	13 KB
1	facebook.com www.facebook.com	147 B
1	taboola.com sync.taboola.com	218 B
1	yahoo.com ads.yahoo.com	444 B
1	pubmatic.com simage2.pubmatic.com	807 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	mathtag.com pixel.mathtag.com	506 B
1	rlcdn.com id.rlcdn.com	66 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	gwmtracking.com 1 redirects gwmtracking.com	389 B
1	avocet.io 1 redirects ads.avocet.io	140 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	68 KB
1	perkuto.com marketosandbox.perkuto.com	2 KB
0	Failed function sub() { [native code] }. Failed
183	45

	Domain	Requested by
67	js.driftt.com	go.proofpoint.com js.driftt.com
22	go.proofpoint.com	go.proofpoint.com
16	d.adroll.com	13 redirects go.proofpoint.com
6	metrics.api.drift.com	js.driftt.com
6	s.adroll.com	1 redirects www.googletagmanager.com go.proofpoint.com s.adroll.com d.adroll.com
5	tracking.g2crowd.com	go.proofpoint.com
4	maps.googleapis.com	www.google.com maps.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com go.proofpoint.com
4	fonts.gstatic.com	fonts.googleapis.com
3	4788165.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	visitor.reactful.com	go.proofpoint.com visitor.reactful.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com go.proofpoint.com
3	fonts.googleapis.com	go.proofpoint.com js.driftt.com
2	event.api.drift.com	js.driftt.com
2	targeting.api.drift.com	js.driftt.com
2	us-u.openx.net	1 redirects go.proofpoint.com
2	ib.adnxs.com	1 redirects go.proofpoint.com
2	x.bidswitch.net	1 redirects go.proofpoint.com
2	eb2.3lift.com	1 redirects go.proofpoint.com
2	sync.outbrain.com	1 redirects go.proofpoint.com
2	dsum-sec.casalemedia.com	1 redirects go.proofpoint.com
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	segments.company-target.com	1 redirects go.proofpoint.com
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	2 redirects
2	adservice.google.com	go.proofpoint.com 4788165.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	secure.chip2gift.com	www.googletagmanager.com secure.chip2gift.com
2	api.company-target.com	go.proofpoint.com scripts.demandbase.com
2	ads.avct.cloud	1 redirects go.proofpoint.com
2	scripts.demandbase.com	go.proofpoint.com tag.demandbase.com
2	www.google.com	go.proofpoint.com
2	munchkin.marketo.net	go.proofpoint.com munchkin.marketo.net
2	use.fontawesome.com	go.proofpoint.com use.fontawesome.com
2	stackpath.bootstrapcdn.com	go.proofpoint.com
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	www.facebook.com	go.proofpoint.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com	go.proofpoint.com
1	ads.yahoo.com	go.proofpoint.com
1	simage2.pubmatic.com	go.proofpoint.com
1	pixel.rubiconproject.com	go.proofpoint.com
1	pixel.advertising.com	go.proofpoint.com
1	pixel.mathtag.com	4788165.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	tag.demandbase.com	scripts.demandbase.com
1	maps.gstatic.com	www.google.com
1	id.rlcdn.com	go.proofpoint.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.google.de	go.proofpoint.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	go.proofpoint.com
1	www.linkedin.com	1 redirects
1	gwmtracking.com	1 redirects
1	ads.avocet.io	1 redirects
1	snap.licdn.com	go.proofpoint.com
1	maps.google.com	1 redirects
1	www.googletagmanager.com	go.proofpoint.com
1	ajax.googleapis.com	go.proofpoint.com
1	marketosandbox.perkuto.com	go.proofpoint.com
0	nkimffhpgcdokjcjnffnpdajfbapllpk Failed	go.proofpoint.com
183	62

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com
www.cyberark.com
www.crowdstrike.com
www.okta.com
www.paloaltonetworks.com
www.salepoint.com
twitter.com
www.linkedin.com
www.youtube.com
www.facebook.com

Subject Issuer	Validity	Valid
go.proofpoint.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
marketosandbox.perkuto.com Cloudflare Inc ECC CA-3	`2020-10-02` - `2021-10-02`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.avct.cloud R3	`2021-04-30` - `2021-07-29`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2020-08-30` - `2021-09-28`	a year	crt.sh
*.reactful.com Go Daddy Secure Certificate Authority - G2	`2020-03-12` - `2021-05-09`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2021-05-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-04-26` - `2021-06-16`	2 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Frame ID: C103F92E508FAC9FF2A64192A3726364
Requests: 91 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14
Frame ID: D3C33B682FFE02963A7468555776DA6E
Requests: 6 HTTP requests in this frame

Frame: https://go.proofpoint.com/rs/309-RHV-619/images/disposable.txt
Frame ID: BE7EF4BCA23A474B8850C98AF389F919
Requests: 1 HTTP requests in this frame

Frame: https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133
Frame ID: E191267F718E7C08CF7BFC816E60B92F
Requests: 1 HTTP requests in this frame

Frame: https://go.proofpoint.com/rs/309-RHV-619/images/disposable.txt
Frame ID: 93A59E09B164F327459FBA179A06C56B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
Frame ID: 8D7E62C6151DF4738271449007104E9A
Requests: 1 HTTP requests in this frame

Frame: https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
Frame ID: 8FEBACCDAB1ED175E0801C8768668CD3
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
Frame ID: 79AC9BFB29C3D95D3A77EF83BA6F11EE
Requests: 35 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: FA71765B308191389C36FFF68B04540C
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

183
Requests

98 %
HTTPS

40 %
IPv6

45
Domains

62
Subdomains

52
IPs

6
Countries

2511 kB
Transfer

6362 kB
Size

5
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/

Search URL Search Domain Scan URL

URL: https://www.cyberark.com/

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/

Search URL Search Domain Scan URL

URL: https://www.okta.com/

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/

Search URL Search Domain Scan URL

URL: https://www.salepoint.com/

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/proofpoint
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/proofpoint/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIvtJgsrUzFo90NKeiVozhQ
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/proofpoint
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://maps.google.com/maps?q=Atlanta%2C%20GA&t=&z=14&ie=UTF8&iwloc=&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14

Request Chain 42

https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j HTTP 301
https://ads.avct.cloud/s?r=1&add=5aba5f53ab79f7f51390a95a&ty=j HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j

Request Chain 50

https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133 HTTP 302
https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133

Request Chain 53

https://gwmtracking.com/p/v/1/5b7320b8f870815f7f59492b/format/img?gtmcb=697332027 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8909468;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 58

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D169250%26time%3D1620147159621%26url%3Dhttps%253A%252F%252Fgo.proofpoint.com%252FProofpointSpotlightUSAMay18.html%253Frbn%253Dwebsite%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true&e_ipv6=AQK1um4yn0WmJQAAAXk4S8VRfYsSVkmZcVGKx2AEObvZI5VwbyaSMijLuNe0I3SR43xLE8Zo

Request Chain 67

https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 69

https://d.adroll.mgr.consensu.org/consent/iabcheck/7YJ7XZCLMRHSVCXIHB5HIT?_s=10617869aa6171d0134afeb1fd7aa227&_b=2 HTTP 302
https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=10617869aa6171d0134afeb1fd7aa227&_b=2

Request Chain 71

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ&verifyHash=ed9b98fcc86072e3c8e1a9f76c4c4a3c12616213

Request Chain 78

https://adservice.google.de/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/ HTTP 302
https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/

Request Chain 80

https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&pv=38840537829.3559&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js

Request Chain 84

https://d.adroll.com/cm/aol/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 85

https://d.adroll.com/cm/index/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160&C=1

Request Chain 86

https://d.adroll.com/cm/n/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expires=365

Request Chain 87

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&rdrctExp=true

Request Chain 88

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 89

https://d.adroll.com/cm/r/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 90

https://d.adroll.com/cm/taboola/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

Request Chain 91

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 92

https://d.adroll.com/cm/b/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

Request Chain 93

https://d.adroll.com/cm/x/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

Request Chain 95

https://d.adroll.com/cm/o/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=763a9ca5235c47cf27ba0284429a48b6 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=763a9ca5235c47cf27ba0284429a48b6

Request Chain 96

https://d.adroll.com/cm/g/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=djqcpSNcR88nugKEQppItg HTTP 302
https://d.adroll.com/cm/g/in

183 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ProofpointSpotlightUSAMay18.html Show response
go.proofpoint.com/ 98 KB
18 KB 1601ms
179ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e55d7b21adc270fe972578e66fec4f92b0197f830a2b7c80ea4367906b9a7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.proofpoint.com
:scheme: https
:path: /ProofpointSpotlightUSAMay18.html?rbn=website
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; expires=Thu, 03-Jun-21 16:52:37 GMT; path=/; domain=.go.proofpoint.com; HttpOnly; SameSite=Lax BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==;Path=/;Version=1;Secure;Httponly __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=; path=/; expires=Tue, 04-May-21 17:22:38 GMT; domain=.go.proofpoint.com; HttpOnly; Secure; SameSite=None
cache-control: stale-while-revalidate=60, max-age=300, public
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary: *,Accept-Encoding
x-content-type-options: nosniff
x-cache-status: HIT
x-mkto-nginx-cache: true
cf-cache-status: DYNAMIC
cf-request-id: 09d9e4d39900004eaabd20a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64a33d98f8934eaa-FRA
content-encoding: gzip

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
21 KB 38ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://go.proofpoint.com
Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 17571
cdn-cachedat: 2021-05-04 09:08:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d9e4d45b00004ecd1b1f8000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 72a1a3086713fbbbe743aedc20c04f09
cf-ray: 64a33d9a2c2c4ecd-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec2d67f1a083ab6c32a767ec1d22343e3159f3ca499edf414090d243be26d070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 16:52:38 GMT
server: ESF
date: Tue, 04 May 2021 16:52:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 16:52:38 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 37ms
35ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin: https://go.proofpoint.com
Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 proofpoint-lp11-css.css
go.proofpoint.com/rs/309-RHV-619/images/ 32 KB
7 KB 183ms
182ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/proofpoint-lp11-css.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a7a6a9078e03b81bcae9bcb1eb6ba2304bd732b5955e671dd9025c6b8449d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/proofpoint-lp11-css.css
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 7276
cf-request-id: 09d9e4d45a00004eaa82ada000000001
last-modified: Thu, 15 Apr 2021 14:59:09 GMT
server: cloudflare
etag: "1c1bce-8144-5c0041b0940b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9a2ba54eaa-FRA
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
768 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fjalla+One&family=Roboto+Condensed:wght@300;400&display=swap

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2e558d5dbb9122da5ed93b123e9cd536e6f58e63e6f7ff0e1d77d3c60ad744e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 16:52:38 GMT
server: ESF
date: Tue, 04 May 2021 16:52:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 16:52:38 GMT

GET
H2 200 forms2.min.js Show response
go.proofpoint.com/js/forms2/js/ 204 KB
68 KB 151ms
150ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/js/forms2.min.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

:path: /js/forms2/js/forms2.min.js
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Mar 2021 20:12:10 GMT
server: cloudflare
etag: "c1b6f-33187-5bd344826ba80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 64a33d9a2ba74eaa-FRA
vary: Accept-Encoding
cf-request-id: 09d9e4d45a00004eaac78ad000000001
expires: Tue, 04 May 2021 20:52:38 GMT

GET
H2 200 logo-reg.svg
go.proofpoint.com/rs/309-RHV-619/images/ 3 KB
1 KB 150ms
141ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/logo-reg.svg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/logo-reg.svg
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 20 Mar 2021 02:31:18 GMT
server: cloudflare
etag: W/"1c1299-b8b-5bdeea0a3e421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 64a33d9b6ef54eaa-FRA
cf-request-id: 09d9e4d51f00004eaa992da000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 cyberark-logo-218x80.png
go.proofpoint.com/rs/309-RHV-619/images/ 10 KB
10 KB 243ms
234ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/cyberark-logo-218x80.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499b83f5ba2db52fa89064af164f8d5db6be509c3941160c50e8625456b8456f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/cyberark-logo-218x80.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c129d-290e-5bdeeaaf1bc31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6eff4eaa-FRA
content-length: 10510
cf-request-id: 09d9e4d52600004eaa75b4b000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 crowdstrike-logo-218x80.png
go.proofpoint.com/rs/309-RHV-619/images/ 11 KB
11 KB 427ms
419ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/crowdstrike-logo-218x80.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac5cc7747c4fa7fc591a26f85aa3591487f97f197b6f11d98b0ae56d732255f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/crowdstrike-logo-218x80.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a5-2b9b-5bdeeaaf81919"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6f074eaa-FRA
content-length: 11163
cf-request-id: 09d9e4d52100004eaa5e947000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 okta-logo-218x80.png
go.proofpoint.com/rs/309-RHV-619/images/ 7 KB
7 KB 186ms
175ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/okta-logo-218x80.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8359e6fed2018724161852086b6c83004e986b32769abe2f6305095070e8733a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/okta-logo-218x80.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a7-1bfe-5bdeeaaf82ca1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6f0a4eaa-FRA
content-length: 7166
cf-request-id: 09d9e4d52100004eaac78c7000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 paloalto-networks-218-80.png
go.proofpoint.com/rs/309-RHV-619/images/ 6 KB
6 KB 170ms
159ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/paloalto-networks-218-80.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6272558b271ac14aacde204e353eee48b68ce319aabda94af246b5961454ef0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/paloalto-networks-218-80.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a0-1820-5bdeeaaf21dd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6f134eaa-FRA
content-length: 6176
cf-request-id: 09d9e4d52500004eaa9f83e000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 salepoint-logo-218x80.png
go.proofpoint.com/rs/309-RHV-619/images/ 12 KB
12 KB 241ms
231ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/salepoint-logo-218x80.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc388d54064ba7d414eb6d1a5df6d2127a33618c1d6f3397105a2607f467268e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/salepoint-logo-218x80.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a4-3148-5bdeeaaf80d61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6f144eaa-FRA
content-length: 12616
cf-request-id: 09d9e4d52500004eaae3960000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 user-group-logo-TN-AL-MS-wh-100.svg
go.proofpoint.com/rs/309-RHV-619/images/ 6 KB
3 KB 255ms
245ms Image
image/svg+xml 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/user-group-logo-TN-AL-MS-wh-100.svg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af78aebdb1034e8312d2de4acafa9fc9c479a8f772a7e6c13323c77791906fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/user-group-logo-TN-AL-MS-wh-100.svg
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 20 Mar 2021 23:18:29 GMT
server: cloudflare
etag: W/"1c1337-19b2-5be000ce2f27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 64a33d9b6f164eaa-FRA
cf-request-id: 09d9e4d52500004eaad01dd000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET injector.js
nkimffhpgcdokjcjnffnpdajfbapllpk/packages/adobe-engage/ 0
0

GET
H2 200 Speaker1.png
go.proofpoint.com/rs/309-RHV-619/images/ 45 KB
45 KB 186ms
177ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Speaker1.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7727a4fef2ddbee57d52cac6cb2540ba5fbdcabd1153a9c687f02aab7f0f1151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/Speaker1.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a3-b3e6-5bdeeaaf444a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6f184eaa-FRA
content-length: 46054
cf-request-id: 09d9e4d52600004eaacc99e000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 Speaker3.png
go.proofpoint.com/rs/309-RHV-619/images/ 42 KB
42 KB 170ms
161ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Speaker3.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace7e96948ab77c3b1dcf9bcfe643c91c13ded6e29c157a8400370b8ad34724b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/Speaker3.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c129e-a6c2-5bdeeaaf20669"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b7f574eaa-FRA
content-length: 42690
cf-request-id: 09d9e4d53000004eaada06b000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 Denis_Ryan.jpg
go.proofpoint.com/rs/309-RHV-619/images/ 13 KB
13 KB 177ms
168ms Image
image/jpeg 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Denis_Ryan.jpg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15e134e5ad9f78288e327cd6949340d3fa8677f3a5fa0ddcb71161eb4c9874c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/Denis_Ryan.jpg
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Mar 2021 21:13:46 GMT
server: cloudflare
etag: "1c14a3-3418-5be268a91610c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b7f594eaa-FRA
content-length: 13336
cf-request-id: 09d9e4d53000004eaad2a9e000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 Speaker2.png
go.proofpoint.com/rs/309-RHV-619/images/ 45 KB
46 KB 237ms
228ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Speaker2.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42141c48114a0d1c1829ba7d25c2b84a638b6dcab36c2c9f0c87eb6fa31ce846

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/Speaker2.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c12a2-b5f6-5bdeeaaf30839"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b7f5c4eaa-FRA
content-length: 46582
cf-request-id: 09d9e4d53100004eaac78c9000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 CPE-SubmitterLogo.png
go.proofpoint.com/rs/309-RHV-619/images/ 41 KB
41 KB 205ms
197ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/CPE-SubmitterLogo.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefa13031c3011cb8bab679bd8f52195d5a3f8b6bf3e9a44df9d304bada034a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/CPE-SubmitterLogo.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 20 Mar 2021 02:34:11 GMT
server: cloudflare
etag: "1c129f-a42d-5bdeeaaf20669"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b7f5e4eaa-FRA
content-length: 42029
cf-request-id: 09d9e4d53100004eaaae3ca000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H2 200 logo-white.svg
marketosandbox.perkuto.com/rs/559-LNN-604/images/ 3 KB
2 KB 938ms
208ms Image
image/svg+xml 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marketosandbox.perkuto.com/rs/559-LNN-604/images/logo-white.svg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17ed3e1266678ae7eff9e1a8f632e6fba0c38e41bc2a268b4778615749f76939

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Mar 2021 20:05:10 GMT
server: cloudflare
etag: W/"c0f7e-b8b-5be259539f282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 64a33d9ffeac4abc-FRA
cf-request-id: 09d9e4d7f700004abcad0c4000000001
expires: Tue, 04 May 2021 16:53:39 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 657
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 16:41:41 GMT

GET
H3-29 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
15 KB 17ms
17ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://go.proofpoint.com
Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 17571
cdn-cachedat: 2021-05-03 18:55:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d9e4d50700004ea494b34000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7cf3ff77c4cca7470aac5080e14c9778
cf-ray: 64a33d9b3b104ea4-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 domain-block-script.js Show response
go.proofpoint.com/rs/309-RHV-619/images/ 1 KB
814 B 147ms
141ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/domain-block-script.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47929c9d389eee6f5311da414440b4b4ce37a82ee99507b0a0226b9e367b5610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/domain-block-script.js
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 655
cf-request-id: 09d9e4d51d00004eaac78c6000000001
last-modified: Sat, 20 Mar 2021 02:34:10 GMT
server: cloudflare
etag: "1c129c-541-5bdeeaae905ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9b6eea4eaa-FRA
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 102ms
30ms Script
application/x-javascript 23.79.155.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.155.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-155-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3200b4fbd5f5164830fb4d1918ca1e080c7c24604f90e05a6e95e3a4d4305963

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 01:33:39 GMT
Server: AkamaiNetStorage
ETag: "cf28dcd62414fc8651ebe7ee71a78f43:1619141619.210294"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 764

GET
H2 200 stripmkttok.js Show response
go.proofpoint.com/js/ 2 KB
805 B 419ms
412ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/stripmkttok.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /js/stripmkttok.js
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 678
cf-request-id: 09d9e4d51e00004eaada068000000001
last-modified: Wed, 10 Mar 2021 20:12:10 GMT
server: cloudflare
etag: "21835-602-5bd344826ba80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64a33d9b6ef04eaa-FRA
expires: Tue, 04 May 2021 20:52:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
68 KB 62ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac8bb459420d05ec5d483621ca0c1eb83bedc23ea18ba043c189e1b6de034d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69512
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:30:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 16:52:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.proofpoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 486546
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

GET
H2 200 forms2.css
go.proofpoint.com/js/forms2/css/ 13 KB
3 KB 237ms
235ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/css/forms2.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /js/forms2/css/forms2.css
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 2623
cf-request-id: 09d9e4d57a00004eaae396d000000001
last-modified: Wed, 10 Mar 2021 20:12:10 GMT
server: cloudflare
etag: "c1b6b-3437-5bd344826ba80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64a33d9bf8824eaa-FRA
expires: Tue, 04 May 2021 20:52:38 GMT

GET
H2 200 forms2-theme-simple.css
go.proofpoint.com/js/forms2/css/ 826 B
360 B 53ms
51ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /js/forms2/css/forms2-theme-simple.css
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6018
content-length: 242
cf-request-id: 09d9e4d57800004eaad01e6000000001
last-modified: Wed, 10 Mar 2021 20:12:10 GMT
server: cloudflare
etag: "c1b68-33a-5bd344826ba80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64a33d9bf88a4eaa-FRA
expires: Tue, 04 May 2021 20:52:38 GMT

GET
H2 200 ProofpointSpotlightUSAMay18_LandingPage_1920x350_BLANK.png
go.proofpoint.com/rs/309-RHV-619/images/ 451 KB
452 KB 190ms
188ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/ProofpointSpotlightUSAMay18_LandingPage_1920x350_BLANK.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a6cc7e12feb9f0869e8791d856881c0fd16808aa3667108cc95e82815c64283

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /rs/309-RHV-619/images/ProofpointSpotlightUSAMay18_LandingPage_1920x350_BLANK.png
pragma: no-cache
cookie: __cfduid=dac011b38764cdb86920fd4bbc6e1694c1620147157; BIGipServerabjweb-nginx-app_https=!DWI4p4XdYdi8A4faIvODocHezid2PTjiCHmGRxkfhrsEs8sg4RU0hmHI3Fa1f5z/xkhS2if/lJ7hnw==; __cf_bm=a716f38cd9e2e3c56e2e89f1b3bc1767e52625d8-1620147158-1800-AXwKTXaet/VG4HJ9FACUJ3i8X03J4YyJyGDS7a+aR4itid3/3zrVXvmRwuGBgv26tMWLqf1bV/diEpFK8ScCscA=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.proofpoint.com
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 26 Apr 2021 20:16:15 GMT
server: cloudflare
etag: "1c1f4b-70c44-5c0e5d156e07e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 64a33d9c29004eaa-FRA
content-length: 461892
cf-request-id: 09d9e4d59500004eaacc9ab000000001
expires: Tue, 04 May 2021 16:53:38 GMT

GET
H3-29 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v8/ 16 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v8/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fjalla+One&family=Roboto+Condensed:wght@300;400&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe5f2a40422e9a55187b3204161cbce1ba1d03a2eb4fa971bd10451562fed99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.proofpoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:53 GMT
server: sffe
age: 436624
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16540
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.proofpoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 436629
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fjalla+One&family=Roboto+Condensed:wght@300;400&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.proofpoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
age: 410758
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET injector.js
nkimffhpgcdokjcjnffnpdajfbapllpk/packages/adobe-engage/ 0
0

GET
H2

200

embed Show response
www.google.com/maps/ Frame D3C3
Redirect Chain

https://maps.google.com/maps?q=Atlanta%2C%20GA&t=&z=14&ie=UTF8&iwloc=&output=embed
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14

2 KB
1 KB

286ms
285ms

Document
text/html

2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

86674f896cf689eb89553d1aeb2dffc1ec46cdbe90b81a92c550c885a6adfddf

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-jdiGSUGH46P4CcfQReN7Cw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.proofpoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 04 May 2021 16:52:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jdiGSUGH46P4CcfQReN7Cw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 981
x-xss-protection: 0
server-timing: gfet4t7; dur=269
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Tue, 04 May 2021 16:52:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14
content-type: text/html; charset=UTF-8
server: mafe
content-length: 276
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 36ms
36ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Origin: https://go.proofpoint.com
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
last-modified: Thu, 21 Mar 2019 21:32:11 GMT
server: NetDNA-cache/2.2
etag: "5e2f92123d241cabecf0b289b9b08d4a"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74768

GET
H2 200 disposable.txt Show response
go.proofpoint.com/rs/309-RHV-619/images/ Frame BE7E 70 KB
24 KB 157ms
148ms Document
text/plain 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/disposable.txt

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/rs/309-RHV-619/images/domain-block-script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e763678a9fdc93f37f0b7408c601c4805bc9bfda1a46aaaaa4ef7f11385d3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.proofpoint.com
:scheme: https
:path: /rs/309-RHV-619/images/disposable.txt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
content-type: text/plain
content-length: 24161
set-cookie: __cfduid=d7c0a6cb7567195f2441e9226b422d0e41620147159; expires=Thu, 03-Jun-21 16:52:39 GMT; path=/; domain=.go.proofpoint.com; HttpOnly; SameSite=Lax BIGipServerabjweb-nginx-app_https=!nl4C1Gw5791PmSHaIvODocHezid2PU/0KUkz2gcKX62Hr6yaNhapdbskA86OHIn8Ps7ITAXj7tfdwg==;Path=/;Version=1;Secure;Httponly __cf_bm=198f2cbcdd102c8b8b4979001c6b80605498af40-1620147159-1800-AUEdtMCOi2Rjp3cV3Msz9SBPdqysEtnu3MF53XMrsk+Uv8vQZE6ThkCI2G8B0dtYS5G6cCX67fUkmOWLY8ylHJA=; path=/; expires=Tue, 04-May-21 17:22:39 GMT; domain=.go.proofpoint.com; HttpOnly; Secure; SameSite=None
last-modified: Mon, 03 May 2021 18:28:12 GMT
etag: "1814f8-1177f-5c1711fc947c5"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 09d9e4d89000004eaa82b42000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64a33da0ed874eaa-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 32ms
31ms Script
application/x-javascript 23.79.155.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.155.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-155-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Thu, 12 Aug 2021 16:52:39 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 49ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:38 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: BC528AA9528C45028FCC41A0C32D4CC3 Ref B: FRAEDGE1521 Ref C: 2021-05-04T16:52:39Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4324
date: Tue, 04 May 2021 15:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 17:40:35 GMT

GET
H2 200 MP9Jyqtx.min.js Show response
scripts.demandbase.com/ 81 KB
19 KB 262ms
46ms Script
application/javascript 143.204.202.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a7e8d84d263b5f05aa764301b122fd8dd05502fca1780d3221b6c25c5366540

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Hj9OW_l.CW1YmrkWRMwtATSaAaX3Zh0U
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:28:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"91032bd331a1eff120683d61faf4ee18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 04 May 2021 16:52:39 GMT
x-amz-cf-id: 6IROYZRyWbTcwGVgfeth3t5wHrZoBwUQ1fSR3XK5G-S-diXdH-Jt2g==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44526
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j
https://ads.avct.cloud/s?r=1&add=5aba5f53ab79f7f51390a95a&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j

0
336 B

59ms
58ms

Script
application/javascript

52.17.151.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.151.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

location: /s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j
date: Tue, 04 May 2021 16:52:39 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 87
content-type: text/html; charset=utf-8

GET
H2 200 1594.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 198ms
160ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1594.js?p=https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 2bc983d7-f367-42ef-8a09-a53413026fd0
x-runtime: 0.022271
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 09d9e4d9a90000d711c00f1000000001
cf-ray: 64a33da2a958d711-FRA

GET
H2 200 1644.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
430 B 229ms
191ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1644.js?p=https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: a9bb4d33-b017-47b3-8576-49f5c1e5a3f2
x-runtime: 0.020914
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 09d9e4d9a90000d711d9061000000001
cf-ray: 64a33da2a95ad711-FRA

GET
H2 200 1645.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
434 B 230ms
192ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1645.js?p=https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 0da8539d-ab67-4036-84eb-56408480e689
x-runtime: 0.012004
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 09d9e4d9aa0000d7119aa31000000001
cf-ray: 64a33da2a95bd711-FRA

GET
H2 200 1646.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 570ms
535ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1646.js?p=https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: a1640da6-cb4b-43f3-ba3b-121fe7a2cfa4
x-runtime: 0.070476
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 09d9e4d9aa0000d711bd0fa000000001
cf-ray: 64a33da2a95fd711-FRA

GET
H2 200 1647.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
435 B 550ms
516ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1647.js?p=https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: e701ead3-f599-44f8-a11f-8c4b51036336
x-runtime: 0.018519
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 09d9e4d9ab0000d711948a3000000001
cf-ray: 64a33da2a961d711-FRA

GET
H2 200 main.rtfl.js Show response
visitor.reactful.com/dist/ 273 KB
106 KB 77ms
15ms Script
application/javascript 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor.reactful.com/dist/main.rtfl.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4d71e28edcd31a762462d68b69b58c84965188c5f19c64f9d55fe0520e33985d

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 14:48:53 GMT
content-encoding: gzip
server: Google Frontend
age: 7426
etag: "dJXsGw"
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 15b64f24d71e01255a86627d3868bf42
cache-control: public,public, max-age=432000
content-length: 107826
expires: Sun, 09 May 2021 14:48:53 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 423 B
923 B 291ms
82ms XHR
application/json 65.9.84.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=8d20076343394d24eb8250e933d1560c
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eb6fc1ae525969af80aeb115b54d6556b9724078553881220e9305b8ed5338c

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
request-id: c0a5cee3-f494-4c72-8f90-35ece7a252e7
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://go.proofpoint.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pdiy9uRKjG9zDU72M4Po3lXelhSPL5ssXyzqCn7abS-yMnD3izslyA==
expires: Mon, 03 May 2021 16:52:39 GMT

GET
H3-29

200

activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133 Show response
4788165.fls.doubleclick.net/ Frame E191
Redirect Chain

https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?
https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?

501 B
411 B

98ms
49ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

733ad44ac0b3537aec23cb9b9c58eceb309d248e4abd6a2d29a3b80041ef2d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4788165.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.proofpoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 16:52:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 17:07:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 16:52:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5dfsgn7m2kst.js Show response
js.driftt.com/include/1620147300000/ 214 KB
61 KB 266ms
176ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1620147300000/5dfsgn7m2kst.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

78fbb3a5eec2541f75ac4d79c190197f4e337da8777f95e17a4a0ed82ea58629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KVrHIz.usRV4csMzXeNAiGdPnCViQH16
content-encoding: gzip
etag: W/"f6ad1f12126f1152b37605ef789f61b1"
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 17:13:20 GMT
server: nginx
date: Tue, 04 May 2021 16:52:39 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZQ5_cMEu1nCQs6t1aNAcxqPqeN55yE_BAsCsOv0wDwbnt1ijgjbc9Q==

GET
H/1.1 200
OK 206034.js Show response
secure.chip2gift.com/js/ 1 KB
985 B 214ms
46ms Script
text/javascript 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.chip2gift.com/js/206034.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 Swansea, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: eec26d4d2fe376f3f299b7d86086deef12b8b0f2611bc7a8898df278825f782a

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:52:39 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2

200

src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/5b7320b8f870815f7f59492b/format/img?gtmcb=697332027
https://ad.doubleclick.net/ddm/activity/src=8909468;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
118 B

42ms
41ms

Image
image/gif

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJGW_b--sPACFZcJewodSbUMtg;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 disposable.txt Show response
go.proofpoint.com/rs/309-RHV-619/images/ Frame 93A5 70 KB
24 KB 152ms
150ms Document
text/plain 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/disposable.txt

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e763678a9fdc93f37f0b7408c601c4805bc9bfda1a46aaaaa4ef7f11385d3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.proofpoint.com
:scheme: https
:path: /rs/309-RHV-619/images/disposable.txt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d7c0a6cb7567195f2441e9226b422d0e41620147159; BIGipServerabjweb-nginx-app_https=!nl4C1Gw5791PmSHaIvODocHezid2PU/0KUkz2gcKX62Hr6yaNhapdbskA86OHIn8Ps7ITAXj7tfdwg==; __cf_bm=198f2cbcdd102c8b8b4979001c6b80605498af40-1620147159-1800-AUEdtMCOi2Rjp3cV3Msz9SBPdqysEtnu3MF53XMrsk+Uv8vQZE6ThkCI2G8B0dtYS5G6cCX67fUkmOWLY8ylHJA=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
content-type: text/plain
content-length: 24161
last-modified: Mon, 03 May 2021 18:28:12 GMT
etag: "1814f8-1177f-5c1711fc947c5"
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 09d9e4d9b800004eaa75bc2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64a33da2b9fa4eaa-FRA

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 45ms
8ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RbvMQlISgmBBsnMKx1p.bqgidE6ZF3W8
Content-Encoding: gzip
ETag: "4748055dbdd5649bb8f3f2a9b89f85b1"
x-amz-request-id: 0TYC7TY00BPM4X39
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12978
x-amz-id-2: xC3iFrWUEgHG0SuvuCH6nQBOaU1a4splR14HQ6mRp3SvQuveQvqOiaFUYYgTfWzs3RoZtaGAtsk=
Last-Modified: Wed, 14 Apr 2021 13:35:10 GMT
Server: AmazonS3
Date: Tue, 04 May 2021 16:52:39 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1652930960&t=pageview&_s=1&dl=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&ul=en-us&de=UTF-8&dt=Proofpoint%20Spotlight%3A%20Defending%20Governments%20from%20Business%20Email%20Compromise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=1966284818&gjid=989392474&cid=941194983.1620147160&tid=UA-2257074-1&_gid=318636937.1620147160&_r=1&gtm=2wg4l3MGR7P8X&cd19=941194983.1620147160&z=2067940325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.proofpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 107 KB
40 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KKGL4NZ&t=gtm3&cid=941194983.1620147160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fb88804addcda4fed8c6c37ab3e4b88914953e0d8e84522f89aaa42bb6d8512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40485
x-xss-protection: 0
expires: Tue, 04 May 2021 16:52:39 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D169250%26time%3D1620147159621%26url%3Dhttps%253A%252F%252Fgo.proofpoint.com%252FP...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true&e_ipv6=AQK1um4yn0WmJ...

0
396 B

137ms
136ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true&e_ipv6=AQK1um4yn0WmJQAAAXk4S8VRfYsSVkmZcVGKx2AEObvZI5VwbyaSMijLuNe0I3SR43xLE8Zo
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: Ldp6NELrexbQ9452cSsAAA==

Redirect headers

date: Tue, 04 May 2021 16:52:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&time=1620147159621&url=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&liSync=true&e_ipv6=AQK1um4yn0WmJQAAAXk4S8VRfYsSVkmZcVGKx2AEObvZI5VwbyaSMijLuNe0I3SR43xLE8Zo
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 1WglKkLrexZAoWYh9ioAAA==

GET
H2 204 17087961 Show response
bat.bing.com/p/action/ 0
126 B 39ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17087961
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 16:52:38 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: F118EA1F960E4AA7BE4BD8ADC17C3216 Ref B: FRAEDGE1521 Ref C: 2021-05-04T16:52:39Z
x-powered-by: ARR/3.0

GET
H2 204 0
bat.bing.com/action/ 0
148 B 64ms
3ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17087961&tm=gtm001&Ver=2&mid=f02a0495-a480-49f5-9692-6dbb714443fa&sid=22d82d90acf911ebb85cc9a4bc4f0dbf&vid=22d91100acf911ebafd3b5227d6e0454&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Proofpoint%20Spotlight%3A%20Defending%20Governments%20from%20Business%20Email%20Compromise&p=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&r=&lt=2715&evt=pageLoad&msclkid=N&sv=1&rn=211888
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 04 May 2021 16:52:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A7DD9E7FED124CED91AE42FF066C0538 Ref B: FRAEDGE1521 Ref C: 2021-05-04T16:52:39Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame D3C3 134 KB
44 KB 69ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7d93cd0568a91f3fbb68efa30b3b427cd5ea9d4f8e7258c3bf427c40b514016e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:05 GMT
content-encoding: gzip
server: mafe
age: 34
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=21
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44699
x-xss-protection: 0
expires: Tue, 04 May 2021 17:22:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 49ms
17ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2257074-1&cid=941194983.1620147160&jid=1966284818&gjid=989392474&_gid=318636937.1620147160&_u=YEBAAEACQAAAAC~&z=1563072549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 16:52:39 GMT
content-type: text/plain
access-control-allow-origin: https://go.proofpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
visitor.reactful.com/config/558821/ Frame 0
0 384ms
363ms Preflight
text/javascript 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor.reactful.com/config/558821/?page=%2FProofpointSpotlightUSAMay18.html&hash=&referer=&user_id=&hshkgid=08426153-d36e-433d-8bb8-8587bdd6d733&cb_rtfl=_rtfl_jsonp_0
Protocol: H2
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: url-params-data
Origin: https://go.proofpoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://go.proofpoint.com
access-control-allow-methods: GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Six-Sense-Data, Custom-Vars-Data, Url-Params-Data
content-type: text/javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-cloud-trace-context: 7cbf0cd16ba2811fe81c14f42982bf6d
date: Tue, 04 May 2021 16:52:40 GMT
server: Google Frontend
content-length: 0
expires: Tue, 04 May 2021 16:52:40 GMT

GET
H2 200 / Show response
visitor.reactful.com/config/558821/ 0
128 B 188ms
186ms XHR
text/javascript 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor.reactful.com/config/558821/?page=%2FProofpointSpotlightUSAMay18.html&hash=&referer=&user_id=&hshkgid=08426153-d36e-433d-8bb8-8587bdd6d733&cb_rtfl=_rtfl_jsonp_0
Requested by: Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Url-Params-Data: eyJyYm4iOiJ3ZWJzaXRlIn0=
Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
server: Google Frontend
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: https://go.proofpoint.com
x-cloud-trace-context: 856c2fd3375b29b688682dcc544629e0
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Six-Sense-Data,Custom-Vars-Data,Url-Params-Data
content-length: 0

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2257074-1&cid=941194983.1620147160&jid=1966284818&_u=YEBAAEACQAAAAC~&z=1342102352

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2257074-1&cid=941194983.1620147160&jid=1966284818&_u=YEBAAEACQAAAAC~&z=1342102352

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

7ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Tue, 04 May 2021 16:52:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 04 May 2021 16:52:40 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/ 0
705 B 25ms
12ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DQH4GdD1k0McZ1t8f6rNRMFfP4v7jOJj
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: RBWS0NGSJGGH4GTN
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 0
x-amz-id-2: wqym9SjaKdn0Q+T7uRuR75LqsuIUOPMlr9xxz+kszMYeEKF/+igc5VT1BHznLsSPACV0Cm+2E/c=
Last-Modified: Mon, 03 May 2021 14:26:53 GMT
Server: AmazonS3
Date: Tue, 04 May 2021 16:52:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/7YJ7XZCLMRHSVCXIHB5HIT?_s=10617869aa6171d0134afeb1fd7aa227&_b=2
https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=10617869aa6171d0134afeb1fd7aa227&_b=2

394 B
862 B

178ms
53ms

Script
application/javascript

54.78.31.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=10617869aa6171d0134afeb1fd7aa227&_b=2
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.31.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-31-47.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 66191e0a76c6a1ba662a7bb3e79c7322679fa561af89b314875cb48d91efa837

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 394
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=10617869aa6171d0134afeb1fd7aa227&_b=2
date: Tue, 04 May 2021 16:52:40 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 423 B
923 B 189ms
95ms XHR
application/json 65.9.84.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&page_title=Proofpoint%20Spotlight%3A%20Defending%20Governments%20from%20Business%20Email%20Compromise&src=tag&key=2e81efc731d57cb3e458d08fae112991
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eb6fc1ae525969af80aeb115b54d6556b9724078553881220e9305b8ed5338c

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
request-id: 504b48a9-4d1f-47ed-99b4-69ea8ffde23d
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://go.proofpoint.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uTOIIp_zkagAEhw-2TEEfo2dlAHxqegN3hXYoKevdE2j3byFrdMomA==
expires: Mon, 03 May 2021 16:52:40 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ&verifyHash=ed9b98fcc86072e3c8e1a9f76c4c4a3c12616213

26 B
408 B

126ms
121ms

Image
image/gif

65.9.84.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ&verifyHash=ed9b98fcc86072e3c8e1a9f76c4c4a3c12616213
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:40 GMT
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: f345c9f62d5b8073
X-Amz-Cf-Id: ZHMol3aXAepxEYgJat0GgF_roHcm-gmNFAQqvlDy9iKj4Aj_DDpoLw==

Redirect headers

Date: Tue, 04 May 2021 16:52:40 GMT
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAD2hE7BIvgAACzF8_-LjQ&verifyHash=ed9b98fcc86072e3c8e1a9f76c4c4a3c12616213
Connection: keep-alive
trace-id: 2ae717f89b947f19
Content-Length: 0
X-Amz-Cf-Id: Q72EHUbC5fy8OGCaBVgi_s1U9dQRevatgAYTY7BQ86XsIHop--A7GQ==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 153ms
54ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/44/12/ Frame D3C3 233 KB
65 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/44/12/init_embed.js

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta,+GA!6i14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

696498ba7fb224613064950cbf0148619f6642b53413a8f6331f06af3e563a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:57:46 GMT
server: sffe
age: 510114
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66157
x-xss-protection: 0
expires: Thu, 28 Apr 2022 19:10:46 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https:... Frame 8D7E 500 B
859 B 71ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/

Requested by

Host: 4788165.fls.doubleclick.net
URL: https://4788165.fls.doubleclick.net/activityi;dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea13a14471b3c97ddd80b839f689118744c11737bc5ef16be0345f015fff606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4788165.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4788165.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 16:52:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Capture.aspx Show response
secure.chip2gift.com/Track/ 0
92 B 66ms
66ms Script
text/plain 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.chip2gift.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=206034&trk_sw=1600&trk_sh=1200&trk_ref=&trk_tit=Proofpoint%20Spotlight%3A%20Defending%20Governments%20from%20Business%20Email%20Compromise&trk_loc=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=go.proofpoint.com&trk_cookie=NA
Requested by: Host: secure.chip2gift.com
URL: https://secure.chip2gift.com/js/206034.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 Swansea, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:39 GMT
Content-Length: 0
Server: Kestrel

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1652930960&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&ul=en-us&de=UTF-8&dt=Proofpoint%20Spotlight%3A%20Defending%20Governments%20from%20Business%20Email%20Compromise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=941194983.1620147160&tid=UA-2257074-1&_gid=318636937.1620147160&gtm=2wg4l3MGR7P8X&cd19=941194983.1620147160&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Czechia&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&z=834325227

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 10:09:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24217
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms_f79029b2cb.min.js Show response
tag.demandbase.com/shared/ 177 KB
57 KB 274ms
48ms Script
application/javascript 65.9.84.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/shared/forms_f79029b2cb.min.js
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69a12e6a2c6dff14902de0fec7a22b138a389be30d22265fa1f3c629373c295e

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZdfV2hyb4.f3iYT1bTpwGYnAcDBeMBIJ
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 19:53:05 GMT
server: AmazonS3
age: 57430
etag: W/"297f27393505134e72a57f78a067e26d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 00:56:19 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: rqst8qI6l2NSG-BAoMvIaLgPzveFs4k3MESOGzo4xoAscOscUTTtmg==

GET
H2

200

/ Show response
4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref... Frame 8FEB
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref...
https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.61...

344 B
494 B

48ms
45ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

34409902b3e73e47e9ad8984395412df7ead31c257f60ea31799bb7ca520adbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4788165.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 16:52:40 GMT
expires: Tue, 04 May 2021 16:52:40 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 282
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 17:07:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 16:52:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK cc76edec-840a-4c04-8712-8e78054d1476 Show response
https://go.proofpoint.com/ 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.proofpoint.com/cc76edec-840a-4c04-8712-8e78054d1476
Requested by: Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
H/1.1

200
OK

T47Y2VPPABDUBJXFROMZZM.js Show response
s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/
Redirect Chain

https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay...
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js

4 KB
2 KB

11ms
11ms

Script
text/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c23ac6c266273e5b45d6f10da69ca3972d7a4279b64546d4ada35b4842a15c

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jLathBvvWU99jubGg02eZL7.3aSwuXHA
Content-Encoding: gzip
ETag: "3ad15e3e664de53f1e10634968eb55b2"
x-amz-request-id: DD865006F09DA12B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1592
x-amz-id-2: 1SkDqB4R7B7Wr/8PcV7SONoTZEwCrTChFiKMdETp+TWXq4WeSGVmM17uOJYDWmfvHKaktCAUyyA=
Last-Modified: Wed, 09 Dec 2020 00:07:47 GMT
Server: AmazonS3
Date: Tue, 04 May 2021 16:52:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Tue, 04 May 2021 16:52:40 GMT
x-segment-eid: T47Y2VPPABDUBJXFROMZZM
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: YV5KYXXEJZATZCT37YRTMK
x-segment-name: *
x-advertisable-eid: 7YJ7XZCLMRHSVCXIHB5HIT
content-length: 0
x-conversion-currency

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8FEB 43 B
506 B 120ms
55ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1442966&mt_adid=226348&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&ord=1807084507
Requested by: Host: 4788165.fls.doubleclick.net
URL: https://4788165.fls.doubleclick.net/ddm/fls/r/dc_pre=CIy9t7--sPACFRqH_QcdjuEMPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4394118600748.6133;~oref=https://go.proofpoint.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://4788165.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:40 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 16:53:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&pv=38840537829.3559&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: LOwGrmhOWvkEuKUX+01wDscRpMvXxx7zm7WK4JSVEBgyFssZOo5f0Rr5UUBo7QsiIfgxRth9HpRXK6aiQilYvw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 16:52:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 19 KB
5 KB 7ms
6ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&pv=38840537829.3559&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dd037a7fd28df8282c6687fa301fe0e6fef5f4ccdf872c71573e6af8ad343c8

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hSGQ1xvl4eErzAvbBgn0wvwTzLufQp0i
Content-Encoding: gzip
ETag: "eaeff5155d568d8938e28076617b9413"
x-amz-request-id: V17FN8HDZKEWR97V
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4886
x-amz-id-2: qsBYnicFikhRxDkf3VrWFZP//2w4tDcVLQMPA1iRzyba8IjXCzgANv2s4F0+d6U7PhTUIx7kkWI=
Last-Modified: Mon, 03 May 2021 20:38:40 GMT
Server: AmazonS3
Date: Tue, 04 May 2021 16:52:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertis...
https://pixel.advertising.com/ups/55980/sync?uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

216ms
132ms

Image
text/plain

52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advert...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160&C=1

43 B
1 KB

46ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160&C=1
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:52:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 16:52:40 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:52:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expiration=1651683160&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 04 May 2021 16:52:40 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expires=365

0
239 B

136ms
33ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expires=365
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&expires=365
pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&adv...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&rdrctExp=true

0
477 B

112ms
111ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&rdrctExp=true
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:41 GMT
Cache-Control: no-cache
X-TraceId: 14b79ff24bcbdee58fa15f874678ec3f
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&rdrctExp=true
Date: Tue, 04 May 2021 16:52:41 GMT
X-TraceId: a0aa73ea42a003b7d92862ff10d9144f
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&adv...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
807 B

177ms
43ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:52:40 GMT
X-lat: lhrpug002:0:1161
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
444 B

32ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&adve...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

0
218 B

117ms
37ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Tue, 04 May 2021 16:52:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 18053

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&a...
https://eb2.3lift.com/xuid?mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

43ms
35ms

Image
image/gif

18.196.184.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.184.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-184-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

43 B
344 B

51ms
51ms

Image
image/gif

3.64.28.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.28.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-28-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://ib.adnxs.com/setuid?entity=172&code=NzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

43 B
1 KB

53ms
45ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:52:40 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid: 3abdb938-8721-4592-aacf-163844780064
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 16:52:40 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: 552d41cc-8125-4a0b-96cd-3e9ab500ec8c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzYzYTljYTUyMzVjNDdjZjI3YmEwMjg0NDI5YTQ4YjY
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 94ms
91ms Image
image/gif 54.78.31.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.31.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-31-47.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=763a9ca5235c47cf27ba0284429a48b6
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=763a9ca5235c47cf27ba0284429a48b6

43 B
180 B

54ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=763a9ca5235c47cf27ba0284429a48b6
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=763a9ca5235c47cf27ba0284429a48b6
date: Tue, 04 May 2021 16:52:40 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=c495910805aab7807d696b7d4d85f76c-1620147160501&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&xid_ch=f&advertisab...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=djqcpSNcR88nugKEQppItg
https://d.adroll.com/cm/g/in

42 B
535 B

53ms
52ms

Image
image/gif

54.78.31.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.31.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-31-47.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 389545881899618 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/389545881899618?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f48aaf841af7fb16c3359611bebccf6c25a9daa9556d107b1231f57399fab38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74060
x-xss-protection: 0
pragma: private
x-fb-debug: m/iOjy/hxzsvpSajeJEPLYmhAOfJ4RyGLQ4YxppWFzhhaEo3nwZAHSyKLG5fhiuNEXJzsO7hdRf/w/lCpRuiKg==
date: Tue, 04 May 2021 16:52:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stylesheet_f79029b2cb.v2.css
scripts.demandbase.com/shared/ 27 KB
4 KB 44ms
39ms Stylesheet
text/css 143.204.202.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/shared/stylesheet_f79029b2cb.v2.css
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/shared/forms_f79029b2cb.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: csDn.NNS9VGplSm_6jcpT8H1jYl4C4Qr
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 19:53:05 GMT
server: AmazonS3
age: 76617
etag: W/"178916ae2031afd4e0b75797aa965718"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 06:43:47 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: MxsCu2_VRblcOd_1jV67yD0xbUNebg94WEDwvSOZavVE5BPVU_Ej4w==

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389545881899618&ev=PageView&dl=https%3A%2F%2Fgo.proofpoint.com%2FProofpointSpotlightUSAMay18.html%3Frbn%3Dwebsite&rl=&if=false&ts=1620147160752&cd[segment_eid]=T47Y2VPPABDUBJXFROMZZM&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=29&fbp=fb.1.1620147160749.1359616860&it=1620147160618&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=l1&rqm=GET

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/ProofpointSpotlightUSAMay18.html?rbn=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.proofpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 16:52:40 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 79AC 3 KB
1 KB 76ms
75ms Document
text/html 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1620147300000/5dfsgn7m2kst.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.proofpoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 30 Apr 2021 17:13:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .FruPus.j6Mb8BtwWkn5EpyPCwkpR9Qb
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 04 May 2021 16:52:41 GMT
cache-control: no-cache
etag: W/"10f01789bab6a8b90df5804c7d1ac44b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: evk_Fc-HGqiZhH567YF9Zy5620iSHieVSxIuhYgsoFsfON_63cP3zA==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame FA71 3 KB
1 KB 159ms
159ms Document
text/html 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1620147300000/5dfsgn7m2kst.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.proofpoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.proofpoint.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 30 Apr 2021 17:13:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .FruPus.j6Mb8BtwWkn5EpyPCwkpR9Qb
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 04 May 2021 16:52:41 GMT
cache-control: no-cache
etag: W/"10f01789bab6a8b90df5804c7d1ac44b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: uJEabg0vzZ_gvxxk-PMN48HI3jRQn5K98kiFt2eI8SAbcZPyCNBuxQ==

GET
H2 200 runtime~main.a5da2889.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 5 KB
3 KB 45ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"4460461f7d668443bb75b9e21eccbb20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AzElQChK.C9ueABB8DVcDrSQEOa78vQK
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XhKECqXjng8T-Ut5WVW6ggU0RqW6CIdupYjpIaLcIKdYbwfMPLgiAQ==

GET
H2 200 39.00daf76c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 40 KB
12 KB 45ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:49:13 GMT
content-encoding: gzip
age: 662608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"6899bddb0243691ddc6399866847b6f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pQPjI5lQAXUmoIh3KnIJ_HEoAO12ALHT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lrAF9hmEAGRNXXPTeRpi63QHVz6wiAgVHnLhmnE9bPUzpfGDaAuLLA==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 42 KB
12 KB 45ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:17 GMT
content-encoding: gzip
age: 2553023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:57 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fJJmWXw6pmVMqaO3Knj3l48dBqKlRaFo
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IoQ5TLWmkcirrVUUj3yrz6ViP6IiwGWrPCXdWgPlsjGiWHRsTgosjQ==

GET
H2 200 19.afca98a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 70 KB
21 KB 45ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.afca98a9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"de8e76f9e682100165e9ef4b0640a064"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y3HP_ATSoqjmnuaTWV_4JHbjLc6op0_8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BQR4PG0o9uQur4-ebEF8GIRQxxzx7q7tB9EaO5wi933xi-K-lck0zA==

GET
H2 200 31.66558c5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 48 KB
15 KB 45ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.66558c5d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"93e71078f48622110fd00fcfb723530b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cH5FvrQDgYk7DLHbCMiEeTj0prpfEvxI
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JseA4JjWz0WwJ6MGSTPbXNKlVgGNAF7br3jmNcUzEtnhQlRwCMcyqw==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 29 KB
8 KB 60ms
57ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: REt7uuwiotA8lpuAkfiVB0OzSthV77mYgn_z2yCAOBZ3u8-HNpvLBg==

GET
H2 200 20.b1014b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 39 KB
10 KB 60ms
57ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.b1014b02.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"c8172651926eb7a7f4a4f3cb5e513f9c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N9S.PkVsS9nYjNVu8bkXjETwWPfdkyvR
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eaRX2hAsGMrySZd6lz3qD7JSbZCUWGYWbcUK0QzZ9XWVaAKuvxdBOw==

GET
H2 200 36.9240267e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 52 KB
18 KB 60ms
58ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.9240267e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:31:40 GMT
content-encoding: gzip
age: 447661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c0367e53a004313148d8c4e96e76faaf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i6FrqbOMhZ5a.NcIaHdSzvAtDGM.FWJ6
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tQIjU4PbI_v0tC27YRsewP9-zKeZCEStzJBjCohTStiBjSVODrrktw==

GET
H2 200 34.e9aa1a63.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 24 KB
10 KB 60ms
58ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.e9aa1a63.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"a0fa2d7dab28f390fc90a7d949fd9d59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YeiYnXlVo6GUITSvlNArUhftM0sCm5vP
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S6EbYWd1_aS1iFNhqG36vzaialvrAs5vpYDhyKaxrsrZN3SqOEsYZg==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 60 KB
21 KB 60ms
58ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZGlhdDNj6x6pKMoZf2c2DjR9Rh8_ZVVa39eo2Wc2bQdVSivhbtxa1A==

GET
H2 200 main~493df0b3.887432a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 21 KB
7 KB 74ms
71ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.887432a6.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"7e5a855c4e633ca310134957c2d02a1a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sDQn.miQCFaK3JUeLZDso.H5Da1oIeD2
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FCbW4V5jygRi2hUyIdIs-suuAY59DzLTz-7O9h9TFUpmDcQYp13zag==

GET
H2 200 main~970f9218.11beae17.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 64 KB
17 KB 74ms
72ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.11beae17.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"9d3ffe68f9bb92919f832f08879e24bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gE5VNl04OYo23MrDOJviZGhGRbQ38e9o
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4iXZSVEpaBrecQFNWukrJUWofAwJTuk4iwHECXqiybmm6Ka2Kp8qHA==

GET
H2 200 main~89e24786.26b7771a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 65 KB
18 KB 75ms
73ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.26b7771a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"fbcdcc7c1ab4f8778f28dedb2cc9444b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iNP_9UqPJakP38Q5kk71tY0yWlyddINE
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r1bWS8eoWkT7kih9o5K_vjHH2uJkR-ZxAR71HckLm4WkMNx0Ga3tDQ==

GET
H2 200 main~53ca99a6.d7b36ecc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 30 KB
10 KB 76ms
75ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.d7b36ecc.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"aa035304d4605df4fc1fe27e7fd67c51"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hUw4Gsjqk73_Ayw2J0AINGm5cxY1LOBn
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l2M06tXBPeCIGxd1VsE0_oGlUKsZwUxCTKtxQ376j575Q05m8fwBxg==

GET
H2 200 runtime~main.a5da2889.js Show response
js.driftt.com/core/assets/js/ Frame FA71 5 KB
3 KB 46ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"4460461f7d668443bb75b9e21eccbb20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AzElQChK.C9ueABB8DVcDrSQEOa78vQK
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9xvx8ia7ie0_ztYY_6EhMudny0pXEJGpwMS_PXh7zNKpb5BY8PLxeg==

GET
H2 200 39.00daf76c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 40 KB
12 KB 46ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:49:13 GMT
content-encoding: gzip
age: 662608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"6899bddb0243691ddc6399866847b6f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pQPjI5lQAXUmoIh3KnIJ_HEoAO12ALHT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wLl6k56NFgBzKGPOIC7b1jZBwy4baJKpEeo9_Eu8a2QXgDSmN7QAuQ==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 42 KB
12 KB 46ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:17 GMT
content-encoding: gzip
age: 2553023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:57 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fJJmWXw6pmVMqaO3Knj3l48dBqKlRaFo
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bZG_WoHR5dmligBXXUgstESummb250Q5nUyQfonemN394kbupOrUHg==

GET
H2 200 19.afca98a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 70 KB
21 KB 46ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.afca98a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"de8e76f9e682100165e9ef4b0640a064"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y3HP_ATSoqjmnuaTWV_4JHbjLc6op0_8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tf8lYwr6SWfa12FPn6oENDal_fOU6v1OKwtlu9MGZFZt99SAPDsDVw==

GET
H2 200 31.66558c5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 48 KB
15 KB 46ms
42ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.66558c5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"93e71078f48622110fd00fcfb723530b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cH5FvrQDgYk7DLHbCMiEeTj0prpfEvxI
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pj81NIbjiCG7f6GVqnO-W41_5EoeNPeOaTkWiU_7vIkY-XbHviJ8kQ==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 29 KB
8 KB 46ms
43ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lK-lxc5elUjjIzt-2-1g3TWCbvwxv4dMENzB963voYaRDQ7v-3V3nQ==

GET
H2 200 20.b1014b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 39 KB
10 KB 46ms
43ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.b1014b02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"c8172651926eb7a7f4a4f3cb5e513f9c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N9S.PkVsS9nYjNVu8bkXjETwWPfdkyvR
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QlM_YbuCl9Z5wj73CeNzIdt0xll3oyVBV9izZ9lUPAQSrRhOAggfRw==

GET
H2 200 36.9240267e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 52 KB
18 KB 46ms
43ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.9240267e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:31:40 GMT
content-encoding: gzip
age: 447661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c0367e53a004313148d8c4e96e76faaf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i6FrqbOMhZ5a.NcIaHdSzvAtDGM.FWJ6
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9X2ly_lV6sZe5ZKdStfpfB1cQlNirhAUEPzJVmKaiSCQWqvez_7uHw==

GET
H2 200 34.e9aa1a63.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 24 KB
10 KB 46ms
44ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.e9aa1a63.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"a0fa2d7dab28f390fc90a7d949fd9d59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YeiYnXlVo6GUITSvlNArUhftM0sCm5vP
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vFr1n9s8TpEIfKytlu_72wdYzzBRq4yPP-jBQkFNBbEV8cL31NWX2A==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 60 KB
21 KB 45ms
43ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TtwK4iYoFgPF0mAxdQcy_22wQOBaXWKTxaHfmkiVh8JpLDIBSRsH6g==

GET
H2 200 main~493df0b3.887432a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 21 KB
7 KB 63ms
61ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.887432a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"7e5a855c4e633ca310134957c2d02a1a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sDQn.miQCFaK3JUeLZDso.H5Da1oIeD2
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kdu8KFRUvfeHIeGgvALIM5LGq6Ou6-RNKF4YDfjs_CvQRZfMZ1VO_w==

GET
H2 200 main~970f9218.11beae17.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 64 KB
17 KB 63ms
62ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.11beae17.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"9d3ffe68f9bb92919f832f08879e24bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gE5VNl04OYo23MrDOJviZGhGRbQ38e9o
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v_A2Qrk9kBuybvsmY19h8TLYvDEqh7gPKnhAnbvSNodirkzT44QV-Q==

GET
H2 200 main~89e24786.26b7771a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 65 KB
18 KB 64ms
63ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.26b7771a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"fbcdcc7c1ab4f8778f28dedb2cc9444b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iNP_9UqPJakP38Q5kk71tY0yWlyddINE
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -zByf3R5OUg_pFaCpueo-GM1YfbqINqcV2zuUHDd2Vad3uj3z7Aebg==

GET
H2 200 main~53ca99a6.d7b36ecc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 30 KB
10 KB 64ms
63ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.d7b36ecc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"aa035304d4605df4fc1fe27e7fd67c51"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hUw4Gsjqk73_Ayw2J0AINGm5cxY1LOBn
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YRc-bLWobr5BPbJKgBRfhK0rHqay9PwviGJj6sYN8hFxgXDgiGfBeA==

GET
H2 200 37.1524c45f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 6 KB
3 KB 40ms
36ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.1524c45f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 09:40:22 GMT
content-encoding: gzip
age: 457939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"7f201e07ac5ddc749c01b70d37a9493d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PgTe9Vs0q7ftdNh5AeByF2xy4Cf0DXwl
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1J1jD8VrygSR6GznJQpCJNxVgCaC8-lvmDYhzX9uuloFAX2_IPjzEQ==

GET
H2 200 35.cfdb5c47.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 107 KB
34 KB 40ms
37ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.cfdb5c47.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 09:40:22 GMT
content-encoding: gzip
age: 457939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c32754b3254617ea5f88500d61f4bbe8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fc_g.7YiGZPDN9.T0qtjUXORfLw1QpXW
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UBBarWG3WJWFaxR2by2V9sGh2jMW2Z2dXp5ochLNXEF9VY5pYl5wxw==

GET
H2 200 28.e0c4d629.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 27 KB
9 KB 40ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.e0c4d629.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"3802732ea37a219e3ac3b567476c8533"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iU8UwuO7fkHHrR294dEV_E0hCv_RzwjJ
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nPtuajfQ3FWg2jMLgZIYJhC5MSXTYioobJ1Wt9aRegucPxi9nkJmyQ==

GET
H2 200 32.71167ac0.chunk.css
js.driftt.com/core/assets/css/ Frame 79AC 1 KB
1 KB 38ms
38ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.71167ac0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZvba4KR5xrPx4nMdtAa3vElmrzSYCNc
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: irA9-dyQ-ooFRMblgxgvBd4z74OwHMryO_32kwF27gKBpx26_cDtvQ==

GET
H2 200 32.1443b30a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 5 KB
2 KB 38ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.1443b30a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"8c489b40cbb0789d4be7c4a2d19e7ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9szKmtmHj777DJWtoyr9sC1oTQvGWDAo
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iXtGdifLkrHfP27vGrTWxOhAaxxCdK8YurD6M5f3zwT3DjvvcSf2CA==

GET
H2 200 37.1524c45f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 6 KB
3 KB 39ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.1524c45f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 09:40:22 GMT
content-encoding: gzip
age: 457939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"7f201e07ac5ddc749c01b70d37a9493d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PgTe9Vs0q7ftdNh5AeByF2xy4Cf0DXwl
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q-Yo1C7CdKnd7kEuMy_nsx2KjTK7ZTpjPUCo8oNKukjqFhxzXQLGJA==

GET
H2 200 35.cfdb5c47.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 107 KB
34 KB 39ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.cfdb5c47.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 09:40:22 GMT
content-encoding: gzip
age: 457939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c32754b3254617ea5f88500d61f4bbe8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fc_g.7YiGZPDN9.T0qtjUXORfLw1QpXW
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2h1cH6cWbtYUf648fVgKn--PTfOJTorBmR2-BEvRixap9jpZ6FbrvA==

GET
H2 200 28.e0c4d629.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 27 KB
9 KB 39ms
39ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.e0c4d629.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"3802732ea37a219e3ac3b567476c8533"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iU8UwuO7fkHHrR294dEV_E0hCv_RzwjJ
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tTUk0l8d35cbIgnA6Y49wPyHMb9HDUk3GMAxZS1JTB-SHE6VySOuiw==

GET
H2 200 32.71167ac0.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 1 KB
1 KB 47ms
47ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.71167ac0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZvba4KR5xrPx4nMdtAa3vElmrzSYCNc
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MsA8xnGQLPWEBDSfSsoWZzLweoEdgh675SJe61GXkXTsPAsitVRkQw==

GET
H2 200 32.1443b30a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 5 KB
2 KB 47ms
46ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.1443b30a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"8c489b40cbb0789d4be7c4a2d19e7ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9szKmtmHj777DJWtoyr9sC1oTQvGWDAo
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ixIMt1XXibnxkRglxNsHJNcFIS3y-ngGWWM6CMRGCRHCJHL0zZaBCA==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 17 KB
6 KB 40ms
27ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 2553022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvebDL1.Un.JguoiHPya83IoDVEFSMX_
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gQJkYN1EKP_vqtfqmhprMte4kItx1uV7h_0WMFHmU7KCplVX0FhyhA==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 68 KB
20 KB 61ms
46ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 2553022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KvAdLkzmP1SsvzM2DTGFxj7fEse2FnUv
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nM9BiXWLzLiikQB7anbFyArPJSFFD5QmNvOOp6viXUvgFKR38_VwIA==

GET
H2 200 29.b06f0d40.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 41 KB
12 KB 62ms
51ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.b06f0d40.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab80dc8754fc12f26b3cc534416c13d7b67f5d4f04920a51751cff3ea93337b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"48c3cbd35a44b12a55e9ba457118d915"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: uGOBuPXZl8ZcxTHDOgVh5Jxo7h0r05R8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T5xBGMoeffEbWMefxvcMEz9Ulm4hsdQfYHe4P0gxJUOnSP0-qw3GhA==

GET
H2 200 2.939f0edf.chunk.css
js.driftt.com/core/assets/css/ Frame 79AC 2 KB
1 KB 49ms
46ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.939f0edf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1886111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:11 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p2qzrGMMOVmOLdOpPjnIg0_GlZv9CXZr
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fRGomh4AMHHPDV02K6cYe-cQgcMbkJ3jb5iHSHxDQiw9MIjgDwsCsw==

GET
H2 200 2.4cd53141.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 33 KB
11 KB 53ms
51ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:27 GMT
server: nginx
etag: W/"ac28ebd37a2821d11d55291ec77f7893"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Nq.bZfZwqxc3pr2BF44uerpZjwt2F_Ei
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5UV5bOZ3KdYghmVk2oIS86gBa43yb0KydnffAjtN8atIDFlzZCTNEw==

GET
H2 200 27.02e62d23.chunk.css
js.driftt.com/core/assets/css/ Frame 79AC 8 KB
2 KB 48ms
47ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.02e62d23.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"4a7ea3158114815c3ce4a439e64bb20f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mQrumdy7biVwQR1YnMnJxX26TKzC8eK0
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r6pFEQjlD30Kbr7MWHtD2bmcyazEQkDoN24lRl0dxdHqYQbGtFQYZw==

GET
H2 200 27.b97642a7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 79AC 64 KB
18 KB 37ms
36ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.b97642a7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9062e8f330834ebd0beec454ca50a7256f2438b8d9480aaa3a586f591a61fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=5dfsgn7m2kst&forceShow=false&skipCampaigns=false&sessionId=bbb5f086-a18e-4f29-96fe-92ca460db3ce&sessionStarted=1620147161&campaignRefreshToken=36dd48dd-f2e6-45df-b30e-aec1e7a02dbc&hideController=false&pageLoadStartTime=1620147158096&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"5dd8c58fe0a1dfe65411d76dce2adf06"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6msneJ_UwCCT_TUaFRU0D2QbeH_POHar
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xl9ZkCMCmG6nDO8Mdk0fS9n7R9cmyoI8pQ7PTCRThgb2fcUyxBmuZQ==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 17 KB
6 KB 44ms
44ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 2553022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvebDL1.Un.JguoiHPya83IoDVEFSMX_
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p5R1DxfgHr1wvYzluW5taOfG18WtYtSEkdBp1oo_wGnKOdn5plTDcQ==

GET
H2 200 33.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 6 KB
1 KB 45ms
44ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KGLpEbzDUJECLa.dPnGsWLXLQnFKU.qP
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uQ7A5CuS2kK3GWSdO8mD5z78s4NcFSXCsy0x5I2MKc37RlLo1cbnpQ==

GET
H2 200 33.94f6fafc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 2 KB
2 KB 45ms
45ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.94f6fafc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a530f18a3872bed929f7723682c3b1a67d302308741586dea8e73d756d85fb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 356319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"674f6cfb7acbf1f937711877f406db2a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrxaGGmeYSGn4fq7yLkHzgC8VF8A.WkN
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 05TFR_3wB3qnLCEIlybrQhkntoHO3rubR3rEW8Xry5HHP0CvmD8jww==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 68 KB
20 KB 38ms
37ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 03:42:19 GMT
content-encoding: gzip
age: 2553022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 02 Apr 2021 20:09:56 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KvAdLkzmP1SsvzM2DTGFxj7fEse2FnUv
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wiZIoY6Fe9lhtT3Ih0n6FrsHVYaOLDP7JpiZrMWnuOrakxojj93UIA==

GET
H2 200 7.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 7 KB
2 KB 39ms
38ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qRE432HVQ7Y1w.s9lcCBDT5jZX9YXsTD
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UGoYAvYJYBBFkfKQ3zHSrA-XCJ-BfhwixIy_KjI1rMZQtmTApXUkVA==

GET
H2 200 7.d2b06f0f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 38 KB
13 KB 39ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.d2b06f0f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"d22fa8dd9fdbdcdde74443bcd7a64fa3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xnIs15mgedQOb8VhFDNVv2E4rRhqKdBF
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bpYvAujpXC0Oo4yWy62yMPfWVdalFNm5L19s1XKGCUe55EUIubl0Mw==

GET
H2 200 4.83e6fbb0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 50 KB
14 KB 42ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.83e6fbb0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1886111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:14 GMT
server: nginx
etag: W/"1055d5233f397035f9106d9c6067332c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VEA2c_RsciIuDC7GppXra6t044BndYBr
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nVTjEsrIlLwmLXiTX5ynWmcE3uECIZFCbuafkXcAB5On0lUaVERuGg==

GET
H2 200 2.939f0edf.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 2 KB
1 KB 42ms
41ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.939f0edf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1886111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:11 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p2qzrGMMOVmOLdOpPjnIg0_GlZv9CXZr
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: seXpqnQ5_GGa6hfZi86NH3CqqBintPs9jU-dTLx6AQrLg8VC141q6Q==

GET
H2 200 2.4cd53141.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 33 KB
11 KB 42ms
41ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 344372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:27 GMT
server: nginx
etag: W/"ac28ebd37a2821d11d55291ec77f7893"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Nq.bZfZwqxc3pr2BF44uerpZjwt2F_Ei
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zKYZpaf2i3X1goqeq9-6F1ks1ml89O0Hd-YwaeVvFUDBSriurhHzQg==

GET
H2 200 8.be5de6bd.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 11 KB
3 KB 42ms
41ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.be5de6bd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8adaf3188585a5b34f8888433375deca3246c299c1c10b46bc804641bd55ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"9dfbe8830427f45dc3297497130b7b2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RfAWXJwSBOjm4EZfS4bYmkx2z25QfMeE
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -qx36WJiAt73Y4wF8YdAvxt9JZvKCNlIf3piwNSjTJkjZhA6UmQ_tg==

GET
H2 200 8.738583b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 16 KB
6 KB 41ms
37ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.738583b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8fa7e02441ac12b38e71dbcd72a60015e83a4b650962350fdce37bab18cf454f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:07 GMT
server: nginx
etag: W/"62635289f26869c6f433cf9c33b54daa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UZwpbspXWATVXRo4WR0hQ_JLQq68Izby
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YUmgdbvrQDCSnwiIn0WnTA6bp982I76hGr14X_AtBdqH6A6PB8TnwQ==

GET
H2 200 6.f255bf33.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 6 KB
2 KB 43ms
39ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/6.f255bf33.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

067a3f3a6d50349a650f9df58b4c118f0ca0a2136ee24163742dea4625b85cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"8c7c720f617083d90026fa60c98b5a13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .0qSGYhTLsrPAYlXNyZpWRV8EvNOCuB_
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ulUEx6CAfumjduhZ5zc0QBygAyV3pdvVfDtIb8uAgsY0W_u8T9RHgA==

GET
H2 200 6.d3be9570.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 14 KB
6 KB 41ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/6.d3be9570.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69b51ce5274738bb3e7a3462b821870ff6fdab7ed0181213356b7a789f3483ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"328a6e8dee518c8853e3eaecedf73870"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ojdv32iQx.BHoP1Fx6z2J_UkuDpcU40s
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SPGunlNnwjhkYph9AA0w87T-yiA_oeSd1LTIfZsTPAgg0G9KzBx2yQ==

GET
H2 200 3.0ea1fc6e.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 34 KB
6 KB 43ms
40ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.0ea1fc6e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

82a557180fc468bdfc051140172475ed640c424fd73a78f27211c8ce949b5134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7c265a43e77a50dc1332a0ea224ce907"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a5_O7eOu8Ol.QJzqIQ_iJcSYdMoZvBIz
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8yRL-54_NcvKB-IN5apZtA8MgFlkGWNOc5tnZqIelmxVwfmhtR0BPw==

GET
H2 200 3.33a568c9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 65 KB
20 KB 42ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.33a568c9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

270212e65cb4c2ddde71885f54f0d8d1ef1e5812335c26d2f1fcf27effe61242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"1ab0515b02e3b79fe13ba04ed2ac5f9b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D16jNdLsGrs9qi2_ALYJr.xBULX1QCmp
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mns7Ye8MN0Nu_lRbhaCVSpYCjgmv2igsqcpolNUBUTc6ja7CtmTB1w==

GET
H2 200 5.f24fcd30.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 17 KB
7 KB 42ms
38ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.f24fcd30.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ef403c6c759d482925f23c6f42e164d0d615d0b0f6fde37d8aeaf92c63833e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:07 GMT
server: nginx
etag: W/"15ad3f8329820418cf516a77de765986"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cJhsqkwB0JAPsqWBG3GbHsQdiK_9lG8.
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N9amPoNCND48CtzaoYL7Xc4LkRp8u2eyU7I78P3M5-R-Wle3dxf-uw==

GET
H2 200 25.0f3076d4.chunk.css
js.driftt.com/core/assets/css/ Frame FA71 16 KB
3 KB 43ms
40ms Stylesheet
text/css 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.0f3076d4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a937cac6c1f73afedba2ff302d69c69560b9413ab327158718fd76bdc66a669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 356318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"d668c40d88e269f4226308e1d0dac5b2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NdcDF_vbGtotEEQVPrIyw1H7r8._J1KG
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MR1HwyOr7NfZP8qNd0M3ujmOYGTDtqU7ib9_-H9Jh7StnvOP55N2Tg==

GET
H2 200 25.1eac91ab.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 21 KB
7 KB 48ms
47ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.1eac91ab.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

302e1a06cf45cb9dc221eee6eb8a619a6af3820e7918f1e4bf50f091954526f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 352131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"c32d5afe0a9036a95fb759026e8c7dbc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K9Kdej32FiwvEQIDR4Oa4gZqmCF5CwtR
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R8LR5FHGbRccNO1P-H_5CtIfbdS2DGmT7EFCvc2FTqu6De6fez8xUQ==

OPTIONS
H/1.1 200
OK v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 476ms
116ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:52:42 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftb0e290c4ab18323e821e5b993da
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame 79AC 4 KB
739 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 16:35:24 GMT
server: ESF
date: Tue, 04 May 2021 16:52:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 16:52:41 GMT

POST
H/1.1 200
OK v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 79AC 25 B
697 B 127ms
126ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:52:42 GMT
server: istio-envoy
requestid: 7bcf5573db6ae300
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 5dfsgn7m2kst.json Show response
embeds.driftcdn.com/embeds/ Frame 79AC 68 KB
13 KB 460ms
383ms XHR
application/json 65.9.84.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/5dfsgn7m2kst.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0111a438baf0bb8365ab3fc981f4c0a6747533ccfe45bfbf17cba9d197581491

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 16:09:22 GMT
server: AmazonS3
etag: W/"a570498a1744814747c9e31e12cc1c5b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: GuvKv7wdGs9Jdi5kA6fYkUjOqZoBFMYz0nu-GKX8O-5-ZzEKsBv-Qw==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 79AC 4 KB
2 KB 686ms
448ms XHR
application/json 18.215.11.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.11.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-11-20.compute-1.amazonaws.com

Software

Resource Hash

5079c386ea01b5b3bdb994f1ab91e4cc8cf03cb9eed0e905cd76759ba85509d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 16:52:42 GMT
content-encoding: gzip
requestid: 55316043604765ce
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1858
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 5dfsgn7m2kst
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 352ms
115ms Preflight
text/plain 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/5dfsgn7m2kst

Protocol

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: HEAD,GET,OPTIONS
requestid: drift0a98b574b36b459e80c95e14efb

GET
H2 200 5dfsgn7m2kst Show response
targeting.api.drift.com/hours/availability/combined/ Frame 79AC 60 B
504 B 137ms
137ms XHR
application/json 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/5dfsgn7m2kst

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

65cbf46e6aafba33a4660d47ec7f28ac26419702887e7ce7a5b959f27d3113f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTM3MTY4MjI1IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA5NjI1MCIsImV4cCI6MTY1MTY4MzE2MiwiaWF0IjoxNjIwMTQ3MTYyfQ.zDcTscbafDhU9glXzNzuTACqVsLkDUuOJ4GV1m02LPp_ehVy3Ob1FobU0ZAOML500RiSdxV_i4KCjYHcH6to6A

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
requestid: cd80e344dfe2b4cc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 60
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 track Show response
event.api.drift.com/ Frame 79AC 645 B
1 KB 117ms
116ms XHR
application/json 54.145.60.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.60.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-60-34.compute-1.amazonaws.com

Software

Resource Hash

db8eba89b3109eaced23894cc7999fbe233763ef37751f2d64efb4480ffcca6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTM3MTY4MjI1IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA5NjI1MCIsImV4cCI6MTY1MTY4MzE2MiwiaWF0IjoxNjIwMTQ3MTYyfQ.zDcTscbafDhU9glXzNzuTACqVsLkDUuOJ4GV1m02LPp_ehVy3Ob1FobU0ZAOML500RiSdxV_i4KCjYHcH6to6A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
requestid: f86dc23a2d2ebb4d
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 645

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 350ms
117ms Preflight
text/plain 54.145.60.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

54.145.60.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-60-34.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftb5418ee43bb92b5a14448b1d444

GET
H2 200 44.a62fd4b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FA71 17 KB
6 KB 41ms
40ms Script
application/javascript 65.9.84.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.a62fd4b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

324d01ef7f0060b668eb74ff00816d2daedbe385bb4a9d83ffacd023a51464c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:31:42 GMT
content-encoding: gzip
age: 447661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"975a68568d054bd43cff65c64b196a99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GF2od9k.Rlz.mQ8IIJyUY3sxYlADtpc8
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o8zSN97LUUA5x7NB9hYewuF-pWTUQfl8n4SZLpqKq-pulwMexMENMg==

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 79AC 25 B
697 B 126ms
126ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTM3MTY4MjI1IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA5NjI1MCIsImV4cCI6MTY1MTY4MzE2MiwiaWF0IjoxNjIwMTQ3MTYyfQ.zDcTscbafDhU9glXzNzuTACqVsLkDUuOJ4GV1m02LPp_ehVy3Ob1FobU0ZAOML500RiSdxV_i4KCjYHcH6to6A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
server: istio-envoy
requestid: f275730e5427641f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 115ms
115ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:52:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift24a133341268b0f45529262d564
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/12/ Frame D3C3 85 KB
31 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/12/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac2b0eb4792338c47e5692a01b975e32fc979c6280ab87e971c349d3d5e1654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:57:52 GMT
server: sffe
age: 83026
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31684
x-xss-protection: 0
expires: Tue, 03 May 2022 17:48:59 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/12/ Frame D3C3 280 KB
86 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/12/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc79d142fe5b1b38a92d46689548d3047b703d5b00cebcf90f46a0d4ffcc3236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 10:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:57:52 GMT
server: sffe
age: 21536
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87544
x-xss-protection: 0
expires: Wed, 04 May 2022 10:53:49 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame D3C3 62 B
83 B 37ms
23ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m3!2m1!1sAtlanta%2C%2BGA!6i14&2sgoogle-maps-embed&callback=_xdc_._x7nhn7&client=google-maps-embed&token=125519

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/12/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

45993632d01b14267d96113417739d5cc2a768a0b8e72111b3dfcdb74d2c4d86

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:52:45 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=9
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 79AC 25 B
696 B 116ms
116ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTM3MTY4MjI1IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTA5NjI1MCIsImV4cCI6MTY1MTY4MzE2MiwiaWF0IjoxNjIwMTQ3MTYyfQ.zDcTscbafDhU9glXzNzuTACqVsLkDUuOJ4GV1m02LPp_ehVy3Ob1FobU0ZAOML500RiSdxV_i4KCjYHcH6to6A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 16:52:46 GMT
server: istio-envoy
requestid: 17e5d30707a155d5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 116ms
116ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 16:52:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift7e70d294b469d299a2349c50461
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nkimffhpgcdokjcjnffnpdajfbapllpk
URL: chrome-extension://nkimffhpgcdokjcjnffnpdajfbapllpk/packages/adobe-engage/injector.js

Domain: nkimffhpgcdokjcjnffnpdajfbapllpk
URL: chrome-extension://nkimffhpgcdokjcjnffnpdajfbapllpk/packages/adobe-engage/injector.js

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:24:03	Name: IDE Value: AHWqTUn4LlgQZVElUeudgqNDxhNPoLfwmhGAbciQzYKXnfYXvWrlu1fhr9W9CQTMFt4
.go.proofpoint.com/	1970-01-20 02:48:03	Name: __ar_v4 Value: %7C7YJ7XZCLMRHSVCXIHB5HIT%3A20210503%3A1%7CYV5KYXXEJZATZCT37YRTMK%3A20210503%3A1%7CT47Y2VPPABDUBJXFROMZZM%3A20210503%3A1
go.proofpoint.com/	1970-01-19 18:02:28	Name: drift_campaign_refresh Value: 36dd48dd-f2e6-45df-b30e-aec1e7a02dbc
.proofpoint.com/	1970-01-19 20:12:03	Name: _fbp Value: fb.1.1620147160749.1359616860
.go.proofpoint.com/	1970-01-20 02:48:24	Name: __adroll_fpc Value: c495910805aab7807d696b7d4d85f76c-1620147160501

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 309-RHV-619 [object Object]
console-api	log	URL: https://visitor.reactful.com/dist/main.rtfl.js(Line 39) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://visitor.reactful.com/dist/main.rtfl.js(Line 39) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js(Line 1) Message: react-i18next:: You will need to pass in an i18next instance by using initReactI18next

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4788165.fls.doubleclick.net
ad.doubleclick.net
ads.avct.cloud
ads.avocet.io
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.company-target.com
bat.bing.com
bootstrap.api.drift.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
go.proofpoint.com
gwmtracking.com
ib.adnxs.com
id.rlcdn.com
js.driftt.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
marketosandbox.perkuto.com
match.prod.bidr.io
metrics.api.drift.com
munchkin.marketo.net
nkimffhpgcdokjcjnffnpdajfbapllpk
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
scripts.demandbase.com
secure.chip2gift.com
segments.company-target.com
simage2.pubmatic.com
snap.licdn.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tag.demandbase.com
targeting.api.drift.com
tracking.g2crowd.com
us-u.openx.net
use.fontawesome.com
visitor.reactful.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
nkimffhpgcdokjcjnffnpdajfbapllpk
104.17.71.206
104.17.73.206
108.174.10.14
141.226.228.48
142.250.185.98
143.204.202.113
172.217.16.134
172.217.23.102
18.196.184.242
18.215.11.20
184.30.20.207
185.33.220.240
185.64.190.80
2.18.234.21
216.200.122.11
23.111.9.35
23.79.155.18
2606:4700::6812:1abe
2606:4700::6812:bcf
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2013
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a02:26f0:6c00:2b0::25ea
2a02:26f0:6c00::210:bac8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
3.64.28.223
3.94.218.138
34.204.215.213
34.98.64.218
35.244.174.68
51.140.39.77
52.17.151.21
52.215.139.246
52.28.254.214
54.145.60.34
54.78.31.47
64.202.112.31
65.9.84.101
65.9.84.103
65.9.84.34
65.9.84.49
65.9.84.68
69.173.144.165
0111a438baf0bb8365ab3fc981f4c0a6747533ccfe45bfbf17cba9d197581491
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
067a3f3a6d50349a650f9df58b4c118f0ca0a2136ee24163742dea4625b85cff
09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
17ed3e1266678ae7eff9e1a8f632e6fba0c38e41bc2a268b4778615749f76939
1eb6fc1ae525969af80aeb115b54d6556b9724078553881220e9305b8ed5338c
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
270212e65cb4c2ddde71885f54f0d8d1ef1e5812335c26d2f1fcf27effe61242
2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f48aaf841af7fb16c3359611bebccf6c25a9daa9556d107b1231f57399fab38
2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf
302e1a06cf45cb9dc221eee6eb8a619a6af3820e7918f1e4bf50f091954526f5
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
3200b4fbd5f5164830fb4d1918ca1e080c7c24604f90e05a6e95e3a4d4305963
324d01ef7f0060b668eb74ff00816d2daedbe385bb4a9d83ffacd023a51464c3
34409902b3e73e47e9ad8984395412df7ead31c257f60ea31799bb7ca520adbc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
42141c48114a0d1c1829ba7d25c2b84a638b6dcab36c2c9f0c87eb6fa31ce846
45993632d01b14267d96113417739d5cc2a768a0b8e72111b3dfcdb74d2c4d86
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2
47929c9d389eee6f5311da414440b4b4ce37a82ee99507b0a0226b9e367b5610
499b83f5ba2db52fa89064af164f8d5db6be509c3941160c50e8625456b8456f
4af78aebdb1034e8312d2de4acafa9fc9c479a8f772a7e6c13323c77791906fa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
4d71e28edcd31a762462d68b69b58c84965188c5f19c64f9d55fe0520e33985d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e
5079c386ea01b5b3bdb994f1ab91e4cc8cf03cb9eed0e905cd76759ba85509d1
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
577a7a6a9078e03b81bcae9bcb1eb6ba2304bd732b5955e671dd9025c6b8449d
59c23ac6c266273e5b45d6f10da69ca3972d7a4279b64546d4ada35b4842a15c
5a6cc7e12feb9f0869e8791d856881c0fd16808aa3667108cc95e82815c64283
5ac5cc7747c4fa7fc591a26f85aa3591487f97f197b6f11d98b0ae56d732255f
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fb88804addcda4fed8c6c37ab3e4b88914953e0d8e84522f89aaa42bb6d8512
6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede
6272558b271ac14aacde204e353eee48b68ce319aabda94af246b5961454ef0c
62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8
65cbf46e6aafba33a4660d47ec7f28ac26419702887e7ce7a5b959f27d3113f3
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
66191e0a76c6a1ba662a7bb3e79c7322679fa561af89b314875cb48d91efa837
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
696498ba7fb224613064950cbf0148619f6642b53413a8f6331f06af3e563a84
69a12e6a2c6dff14902de0fec7a22b138a389be30d22265fa1f3c629373c295e
69b51ce5274738bb3e7a3462b821870ff6fdab7ed0181213356b7a789f3483ad
6a937cac6c1f73afedba2ff302d69c69560b9413ab327158718fd76bdc66a669
733ad44ac0b3537aec23cb9b9c58eceb309d248e4abd6a2d29a3b80041ef2d99
7727a4fef2ddbee57d52cac6cb2540ba5fbdcabd1153a9c687f02aab7f0f1151
773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0
78fbb3a5eec2541f75ac4d79c190197f4e337da8777f95e17a4a0ed82ea58629
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7a7e8d84d263b5f05aa764301b122fd8dd05502fca1780d3221b6c25c5366540
7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8
7d93cd0568a91f3fbb68efa30b3b427cd5ea9d4f8e7258c3bf427c40b514016e
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
82a557180fc468bdfc051140172475ed640c424fd73a78f27211c8ce949b5134
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8359e6fed2018724161852086b6c83004e986b32769abe2f6305095070e8733a
84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86674f896cf689eb89553d1aeb2dffc1ec46cdbe90b81a92c550c885a6adfddf
8e763678a9fdc93f37f0b7408c601c4805bc9bfda1a46aaaaa4ef7f11385d3ff
8fa7e02441ac12b38e71dbcd72a60015e83a4b650962350fdce37bab18cf454f
9062e8f330834ebd0beec454ca50a7256f2438b8d9480aaa3a586f591a61fac9
972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e
9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9
9dd037a7fd28df8282c6687fa301fe0e6fef5f4ccdf872c71573e6af8ad343c8
9e55d7b21adc270fe972578e66fec4f92b0197f830a2b7c80ea4367906b9a7a2
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a530f18a3872bed929f7723682c3b1a67d302308741586dea8e73d756d85fb61
a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9
ab80dc8754fc12f26b3cc534416c13d7b67f5d4f04920a51751cff3ea93337b8
ac8bb459420d05ec5d483621ca0c1eb83bedc23ea18ba043c189e1b6de034d2d
ace7e96948ab77c3b1dcf9bcfe643c91c13ded6e29c157a8400370b8ad34724b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15e134e5ad9f78288e327cd6949340d3fa8677f3a5fa0ddcb71161eb4c9874c
b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc388d54064ba7d414eb6d1a5df6d2127a33618c1d6f3397105a2607f467268e
c8adaf3188585a5b34f8888433375deca3246c299c1c10b46bc804641bd55ddd
cac2b0eb4792338c47e5692a01b975e32fc979c6280ab87e971c349d3d5e1654
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526
d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105
d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858
d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce
da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76
db8eba89b3109eaced23894cc7999fbe233763ef37751f2d64efb4480ffcca6f
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dc79d142fe5b1b38a92d46689548d3047b703d5b00cebcf90f46a0d4ffcc3236
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9
e2e558d5dbb9122da5ed93b123e9cd536e6f58e63e6f7ff0e1d77d3c60ad744e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d
ec2d67f1a083ab6c32a767ec1d22343e3159f3ca499edf414090d243be26d070
ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
eea13a14471b3c97ddd80b839f689118744c11737bc5ef16be0345f015fff606
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
eec26d4d2fe376f3f299b7d86086deef12b8b0f2611bc7a8898df278825f782a
eefa13031c3011cb8bab679bd8f52195d5a3f8b6bf3e9a44df9d304bada034a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef403c6c759d482925f23c6f42e164d0d615d0b0f6fde37d8aeaf92c63833e2d
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969
fe5f2a40422e9a55187b3204161cbce1ba1d03a2eb4fa971bd10451562fed99a

go.proofpoint.com Open in urlscan Pro 104.17.73.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

183 Requests

98 %HTTPS

40 %IPv6

45 Domains

62 Subdomains

52 IPs

6 Countries

2511 kBTransfer

6362 kBSize

5 Cookies

11 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.proofpoint.com Open in urlscan Pro
104.17.73.206 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

98 %
HTTPS

40 %
IPv6

45
Domains

62
Subdomains

52
IPs

6
Countries

2511 kB
Transfer

6362 kB
Size

5
Cookies

183 HTTP transactions
0 data transactions