research.checkpoint.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Submission: On October 01 via manual (October 1st 2021, 4:01:54 am UTC) from IN — Scanned from DE

Summary HTTP 159 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 27 domains to perform 159 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is research.checkpoint.com.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.

This is the only time research.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	104.111.231.109 104.111.231.109	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.145.47 13.226.145.47	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:4e00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
9	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2600:9000:218... 2600:9000:2182:be00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.67.149.147 3.67.149.147	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
62	13.226.145.61 13.226.145.61	() ()
2	54.147.21.139 54.147.21.139	() ()
2	50.16.7.188 50.16.7.188	() ()
1	13.226.145.59 13.226.145.59	() ()
159	34

28 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

research.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.231.109 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-231-109.deploy.static.akamaitechnologies.com

sc1.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-47.dus51.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:be00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.149.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-149-147.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

750-dqh-528.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 13.226.145.61 (None, )

ASN- ()

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.59 (None, )

ASN- ()

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	731 KB
36	checkpoint.com research.checkpoint.com sc1.checkpoint.com	2 MB
13	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com platform-cdn.sharethis.com	52 KB
9	6sc.co j.6sc.co c.6sc.co b.6sc.co	15 KB
6	onesignal.com cdn.onesignal.com onesignal.com img.onesignal.com	86 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	323 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	414 B
2	facebook.net connect.facebook.net	170 KB
2	marketo.net munchkin.marketo.net	6 KB
2	6sense.com epsilon.6sense.com	492 B
2	googleapis.com fonts.googleapis.com	2 KB
1	driftcdn.com embeds.driftcdn.com	9 KB
1	mktoresp.com 750-dqh-528.mktoresp.com	311 B
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	google.de www.google.de	522 B
1	google.com www.google.com	522 B
1	doubleclick.net stats.g.doubleclick.net	468 B
1	adnxs.com secure.adnxs.com	699 B
1	googletagmanager.com www.googletagmanager.com	73 KB
1	jquery.com code.jquery.com	30 KB
1	fontawesome.com use.fontawesome.com	12 KB
159	27

	Domain	Requested by
62	js.driftt.com	research.checkpoint.com js.driftt.com
28	research.checkpoint.com	research.checkpoint.com
10	platform-cdn.sharethis.com	research.checkpoint.com
8	sc1.checkpoint.com	research.checkpoint.com
7	b.6sc.co	research.checkpoint.com
3	onesignal.com	cdn.onesignal.com
3	www.google-analytics.com	www.googletagmanager.com research.checkpoint.com
2	bootstrap.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	research.checkpoint.com connect.facebook.net
2	munchkin.marketo.net	research.checkpoint.com munchkin.marketo.net
2	epsilon.6sense.com	j.6sc.co
2	cdn.onesignal.com	research.checkpoint.com cdn.onesignal.com
2	fonts.googleapis.com	research.checkpoint.com js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	750-dqh-528.mktoresp.com	munchkin.marketo.net
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	img.onesignal.com	research.checkpoint.com
1	www.google.de	research.checkpoint.com
1	www.google.com	research.checkpoint.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	research.checkpoint.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googletagmanager.com	research.checkpoint.com
1	platform-api.sharethis.com	research.checkpoint.com
1	code.jquery.com	research.checkpoint.com
1	use.fontawesome.com	research.checkpoint.com
159	38

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
www.facebook.com
plus.google.com
www.linkedin.com
twitter.com
threatemulation.checkpoint.com
www.cpcheckme.com
threatmap.checkpoint.com
www.databreaches.net
www.zdnet.com
www.darkreading.com
threatpost.com
www.reuters.com
www.bankinfosecurity.com
www.bleepingcomputer.com
thehackernews.com
portswigger.net
www.theregister.com
www.guardicore.com
edition.cnn.com
www.microsoft.com
us-cert.cisa.gov
blog.checkpoint.com
bit.ly

Subject Issuer	Validity	Valid
research.checkpoint.com R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.checkpoint.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-02` - `2022-01-03`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.6sense.com Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Frame ID: 12DCA7C9A7D693D29959928CC1396530
Requests: 91 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
Frame ID: 104D425451E486E49AB38B0DEA7D1B62
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
Frame ID: 11488952A9FC6C6CC30C043773841303
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

27th September – Threat Intelligence Report - Check Point Research

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

99 %
HTTPS

51 %
IPv6

27
Domains

38
Subdomains

34
IPs

4
Countries

3567 kB
Transfer

6814 kB
Size

20
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/
Title: CheckPoint.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointresearch/

Search URL Search Domain Scan URL

URL: https://plus.google.com/+checkpoint/posts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://twitter.com/_cpresearch_

Search URL Search Domain Scan URL

URL: https://threatemulation.checkpoint.com/
Title: SandBlast File Analysis

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/urlcat/
Title: URL Categorization

Search URL Search Domain Scan URL

URL: http://www.cpcheckme.com/checkme/
Title: Instant Security Assessment

Search URL Search Domain Scan URL

URL: https://threatmap.checkpoint.com/ThreatPortal/livemap.html
Title: Live Threat Map

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/

Search URL Search Domain Scan URL

URL: https://www.databreaches.net/major-european-call-center-provider-goes-down-in-ransomware-attack-not-negotiating-with-conti/
Title: hit

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/voip-company-battles-massive-ransom-ddos-attack/
Title: are targeting

Search URL Search Domain Scan URL

URL: https://www.darkreading.com/threat-intelligence/famoussparrow-apt-group-flocks-to-hotels-governments-businesses
Title: exploiting

Search URL Search Domain Scan URL

URL: https://threatpost.com/crystal-valley-farm-coop-hit-with-ransomware/174928/
Title: was victim

Search URL Search Domain Scan URL

URL: https://www.reuters.com/technology/minnesota-grain-handler-targeted-ransomware-attack-2021-09-23/
Title: has

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/blackmatter-knocks-marketron-off-air-a-17588
Title: launched

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/united-health-centers-ransomware-attack-claimed-by-vice-society/
Title: fell

Search URL Search Domain Scan URL

URL: https://thehackernews.com/2021/09/urgent-chrome-update-released-to-patch.html
Title: released

Search URL Search Domain Scan URL

URL: https://portswigger.net/daily-swig/netgear-fixes-rce-flaw-in-routers-parental-controls-feature
Title: patched

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2021/09/22/macos_rce_flaw/
Title: revealed

Search URL Search Domain Scan URL

URL: https://www.guardicore.com/labs/autodiscovering-the-great-leak/
Title: leak

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-vmware-vcenter-cve-2021-22005-bug/
Title: urges

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/raidforums-data-marketplace-accidentally-exposes-private-staff-page/
Title: exposed

Search URL Search Domain Scan URL

URL: https://edition.cnn.com/2021/09/24/europe/russia-accused-ghostwriter-cyberattacks-german-election-intl/index.html
Title: linked

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/09/21/catching-the-big-fish-analyzing-a-large-scale-phishing-as-a-service-operation/
Title: found

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-265a
Title: alert

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/advisories/
Title: IPS ADVISORIES

Search URL Search Domain Scan URL

URL: http://blog.checkpoint.com/
Title: CHECK POINT BLOG

Search URL Search Domain Scan URL

URL: https://bit.ly/2Pmx8R2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1633060907971%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%252F2021%252F27th-september-threat-intelligence-report%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true&e_ipv6=AQIG0T8hUj86eAAAAXw6A-78AFV400c3qrkNuf2GiNROmGjKwEWC9pCINNcopZcLhGsVWBPtgg

159 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
research.checkpoint.com/2021/27th-september-threat-intelligence-report/ 30 KB
9 KB 545ms
501ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

a9b2d0b6836a6742f2ed98e869c1440b6ab2e73dbd87e346389ad4aa3186b4c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: research.checkpoint.com
:scheme: https
:path: /2021/27th-september-threat-intelligence-report/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://research.checkpoint.com/?p=25375>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6972caab8bf7693d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
research.checkpoint.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 26ms
24ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 16:17:32 GMT
server: cloudflare
age: 5483902
etag: W/"6102d49c-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee93d693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
research.checkpoint.com/wp-content/themes/research/ 18 KB
4 KB 21ms
19ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.29
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e3e60081926b895d5615743273a67f3280908e74e364f789df932ddc0661e8

Request headers

:path: /wp-content/themes/research/style.css?ver=1.29
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Sep 2021 14:23:14 GMT
server: cloudflare
age: 652422
etag: W/"614c8dd2-4967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee940693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
research.checkpoint.com/wp-content/themes/research/css/ 137 KB
22 KB 23ms
21ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/css/bootstrap.min.css?ver=4.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Request headers

:path: /wp-content/themes/research/css/bootstrap.min.css?ver=4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:49 GMT
server: cloudflare
age: 6039674
etag: W/"5dc49a65-22485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee944693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 flickity.min.css
research.checkpoint.com/wp-content/themes/research/css/ 2 KB
700 B 22ms
20ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/css/flickity.min.css?ver=1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516

Request headers

:path: /wp-content/themes/research/css/flickity.min.css?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 13904965
etag: W/"5dc49a64-71d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee945693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 33ms
13ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=5.6.3
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7458844
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7B30DF5E076WDCM1
x-amz-id-2: BVkEzUdofMKWsfastCqvc8/iJlSmp0wn/Tph6XMVOcs1lk4V9uIq+qEv/wqWwJkAveS78t9gdks=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvD%2Fki7t3%2B%2BwlAf5LhHGAU0J0WftI1PVYrnQT6DZzADe%2BU2kUrwwqjzTTSBQr5OANiskh%2FIyzyDhvSQx8oXfUttQDVVEw88YoUZrY23e3fE6pmhwmRP0VchC%2FQPSXPbXyJOXFoqoDGtkdYDElBnfdJ9l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6972caaf0ef94e38-FRA

GET
H2 200 enlighterjs.min.css
research.checkpoint.com/wp-content/plugins/enlighter/cache/ 78 KB
9 KB 27ms
25ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=TJ0/7+iAWMKbDKS
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6048e330c0f362be46b20de45d35a5ace57a04be04a29da10448d6949f6f69ce

Request headers

:path: /wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=TJ0/7+iAWMKbDKS
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Feb 2021 20:35:46 GMT
server: cloudflare
age: 13904965
etag: W/"602adb22-13686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee947693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ 86 KB
30 KB 40ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js?ver=5.8
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 19:56:14 GMT
server: nginx
etag: W/"5cae4a5e-15857"
vary: Accept-Encoding
x-hw: 1633060907.dop131.fr8.t,1633060907.cds201.fr8.hn,1633060907.cds051.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30632

GET
H2 200 bootstrap.bundle.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 66 KB
19 KB 44ms
42ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/lib/bootstrap.bundle.min.js?ver=4.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

:path: /wp-content/themes/research/js/lib/bootstrap.bundle.min.js?ver=4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 13904965
etag: W/"5dc49a64-1089e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee949693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 flickity.pkgd.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 54 KB
14 KB 27ms
25ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/lib/flickity.pkgd.min.js?ver=1.0.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

Request headers

:path: /wp-content/themes/research/js/lib/flickity.pkgd.min.js?ver=1.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 3285998
etag: W/"5dc49a64-d7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee94b693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 single-post.js Show response
research.checkpoint.com/wp-content/themes/research/js/ 422 B
310 B 24ms
22ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/single-post.js?ver=1.0.4
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5bd223eafa1c6d1aff21c91c6bfb825f7f36830d97eef41c432681ed671f85

Request headers

:path: /wp-content/themes/research/js/single-post.js?ver=1.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jan 2020 00:00:05 GMT
server: cloudflare
age: 13904965
etag: W/"5e1d0485-1a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee94c693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 inc-header.js Show response
research.checkpoint.com/wp-content/themes/research/header/ 1 KB
495 B 25ms
24ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/header/inc-header.js?v=1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d

Request headers

:path: /wp-content/themes/research/header/inc-header.js?v=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 13904965
etag: W/"5dc49a64-47a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee94f693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
research.checkpoint.com/wp-content/themes/research/header/ 9 KB
2 KB 26ms
24ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/header/style.css
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a

Request headers

:path: /wp-content/themes/research/header/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 14048525
etag: W/"5dc49a64-25cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaee948693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 03:37:15 GMT
server: ESF
date: Fri, 01 Oct 2021 04:01:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 01 Oct 2021 04:01:47 GMT

GET
H/1.1 200
OK facebook.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 66ms
8ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/facebook.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "7eb7015574801089503dd7095e1d4313:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1254

GET
H/1.1 200
OK google-plus.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 65ms
7ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/google-plus.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "eedd0b2cde10b6b1930d57a10c6d0422:1612322629.149034"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1653

GET
H/1.1 200
OK linkedin.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 65ms
8ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/linkedin.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "6789b034de6591b26bbd9b5fa6b451ca:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1416

GET
H/1.1 200
OK email.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 64ms
7ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/email.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "15f1e1004accdbc019365e658249f334:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1407

GET
H/1.1 200
OK rss.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 75ms
7ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/rss.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "8cc18e3677ea53cc679e33e82bf9497a:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1620

GET
H/1.1 200
OK twitter.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 76ms
7ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/twitter.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "6b05f4fc9522afa0cdbeb1a2c0bccc2c:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1608

GET
H/1.1 200
OK check-point-research-logo.gif
sc1.checkpoint.com/sc1/inc/html/images/ 3 KB
3 KB 21ms
8ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/check-point-research-logo.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 09 Jul 2018 21:15:16 GMT
Server: AkamaiNetStorage
ETag: "c425f4400a5c9dfbaecb24275f494931:1531172224"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2901

GET
H3 200 under-attack.gif
research.checkpoint.com/wp-content/themes/research/img/lib/ 458 B
831 B 42ms
41ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/themes/research/img/lib/under-attack.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f7ef8329ae6da56bd269492901fb024a05d7b67e977995a82b506af4b3b030

Request headers

:path: /wp-content/themes/research/img/lib/under-attack.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 116436
cf-polished: origFmt=gif, origSize=1666
content-disposition: inline; filename="under-attack.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 458
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
etag: "5dc49a64-682"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf589d695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 email-decode.min.js Show response
research.checkpoint.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 13ms
13ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 15:51:34 GMT
server: cloudflare
etag: W/"6149ff86-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6972caaf3865695d-FRA
vary: Accept-Encoding
expires: Sun, 03 Oct 2021 04:01:47 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 183 KB
41 KB 34ms
11ms Script
text/javascript 13.226.145.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-47.dus51.r.cloudfront.net
Software: /
Resource Hash: 0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 03:57:42 GMT
content-encoding: gzip
age: 245
etag: W/"2dcf1-WwF+elP/xnuwOSlGKk64bx4O0JA"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript; charset=utf-8
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: V6EF4cn_oBOxsL14OAOnWQ_YZRp0nHTQJo5-PasSbUqOsH7OnQtHmg==

GET
H3 200 CfP_1021x580_A.jpg
research.checkpoint.com/wp-content/uploads/2018/11/ 128 KB
128 KB 42ms
42ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2018/11/CfP_1021x580_A.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b409a25be19b9494a8c248fc9e5068f933903da1dc0494b4f17120c300e53e7c

Request headers

:path: /wp-content/uploads/2018/11/CfP_1021x580_A.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 2524933
cf-polished: origSize=134980, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 130571
last-modified: Thu, 07 Nov 2019 22:27:41 GMT
server: cloudflare
etag: "5dc49a5d-20f44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf589e695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 enlighterjs.min.js Show response
research.checkpoint.com/wp-content/plugins/enlighter/cache/ 57 KB
17 KB 28ms
27ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=TJ0/7+iAWMKbDKS
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e0c4a1ed3d232553d98c82ea0e04cee8975d0a67df819e161f96e7c32179e8c

Request headers

:path: /wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=TJ0/7+iAWMKbDKS
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Feb 2021 20:35:46 GMT
server: cloudflare
age: 13904965
etag: W/"602adb22-e33f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6972caaf5899695d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 34ms
16ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 742
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6972caaf7bef5c7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 04 Oct 2021 04:01:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
73 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6dd0854f0a88166286a6f6b54835b2da64b17de089ea7648aeebd6fba9fd3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74700
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Oct 2021 04:01:47 GMT

GET
H/1.1 200
OK search-icon.gif
sc1.checkpoint.com/sc1/inc/html/images/ 2 KB
2 KB 21ms
9ms Image
image/gif 104.111.231.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/search-icon.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research/header/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "2e1aa25e7e77e6a393fd38efb413370f:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1755

GET
H3 200 34CA47_6_0.woff2
research.checkpoint.com/wp-content/themes/research/fonts/ 58 KB
58 KB 27ms
27ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/fonts/34CA47_6_0.woff2
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b

Request headers

:path: /wp-content/themes/research/fonts/34CA47_6_0.woff2
pragma: no-cache
origin: https://research.checkpoint.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.29
Origin: https://research.checkpoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 13904965
etag: "5dc49a64-e890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf68a9695d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59536

GET
H3 200 ThreatIntelligenceBulletin.jpg
research.checkpoint.com/wp-content/uploads/2020/05/ 140 KB
140 KB 23ms
23ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/05/ThreatIntelligenceBulletin.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3e2ff9c3e1fe170d596eb368690eff259e9e9693af660e4796f6e5ea8092f6

Request headers

:path: /wp-content/uploads/2020/05/ThreatIntelligenceBulletin.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 6039411
cf-polished: origSize=148629, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 143385
last-modified: Mon, 25 May 2020 14:18:25 GMT
server: cloudflare
etag: "5ecbd3b1-24495"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf9902695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 PIX_blog_header.jpg
research.checkpoint.com/wp-content/uploads/2021/09/ 134 KB
135 KB 32ms
30ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2021/09/PIX_blog_header.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: acb170a85af5c17e9a6efa0309bb2f4bbcd84987e8808401e6acc9023737c02c

Request headers

:path: /wp-content/uploads/2021/09/PIX_blog_header.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 76591
cf-polished: origSize=143150, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137403
last-modified: Thu, 30 Sep 2021 06:44:52 GMT
server: cloudflare
etag: "61555ce4-22f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf9904695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 WormableWhatsApp_blog_header.jpg
research.checkpoint.com/wp-content/uploads/2021/04/ 175 KB
176 KB 34ms
32ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2021/04/WormableWhatsApp_blog_header.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b049970b7e8ff76ac4c87ab5aecba4d748c51f541e5d6f4f6b198910fdcf076f

Request headers

:path: /wp-content/uploads/2021/04/WormableWhatsApp_blog_header.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 633895
cf-polished: origFmt=jpeg, origSize=194611
content-disposition: inline; filename="WormableWhatsApp_blog_header.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 179538
last-modified: Mon, 05 Apr 2021 08:22:52 GMT
server: cloudflare
etag: "606ac8dc-2f833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf9905695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 GooglePlayBanner-Social-1021x580B.jpg
research.checkpoint.com/wp-content/uploads/2020/12/ 136 KB
137 KB 39ms
37ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/12/GooglePlayBanner-Social-1021x580B.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e60fe4713184efbce78a84f4fe694f7e2cee7e62b19ab7c65006e6c19cebfc

Request headers

:path: /wp-content/uploads/2020/12/GooglePlayBanner-Social-1021x580B.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 4792776
cf-polished: origFmt=jpeg, origSize=161982
content-disposition: inline; filename="GooglePlayBanner-Social-1021x580B.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 139408
last-modified: Thu, 03 Dec 2020 06:44:48 GMT
server: cloudflare
etag: "5fc88960-278be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caaf990a695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 graphology_of_an_exploit.jpg
research.checkpoint.com/wp-content/uploads/2020/09/ 39 KB
40 KB 42ms
39ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/09/graphology_of_an_exploit.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb0610c35f9a429f5c3cf77d501f14f3740516830849dc6fea1c4baa84c95109

Request headers

:path: /wp-content/uploads/2020/09/graphology_of_an_exploit.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 13900997
cf-polished: origSize=42072, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40273
last-modified: Thu, 01 Oct 2020 15:23:12 GMT
server: cloudflare
etag: "5f75f460-a458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa90b695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 AlexaHacked_blog_header-1.jpg
research.checkpoint.com/wp-content/uploads/2020/08/ 147 KB
147 KB 42ms
40ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/08/AlexaHacked_blog_header-1.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bf8a14cc3a9afd1252e081c83111e9cc5856a949c41260987b454b27a5a6f8

Request headers

:path: /wp-content/uploads/2020/08/AlexaHacked_blog_header-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 13900998
cf-polished: origSize=156645, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 150244
last-modified: Wed, 12 Aug 2020 11:35:58 GMT
server: cloudflare
etag: "5f33d41e-263e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa90d695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 GooglePlayBanner-Social-1021x580B.jpg
research.checkpoint.com/wp-content/uploads/2020/07/ 177 KB
177 KB 47ms
44ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/07/GooglePlayBanner-Social-1021x580B.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bef21bc8b3ccb5bdfdfa9121cdf9514978b5bee4d4a937c97ad0f71b95bf035

Request headers

:path: /wp-content/uploads/2020/07/GooglePlayBanner-Social-1021x580B.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 2521385
cf-polished: origFmt=jpeg, origSize=197039
content-disposition: inline; filename="GooglePlayBanner-Social-1021x580B.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 181168
last-modified: Thu, 09 Jul 2020 07:44:00 GMT
server: cloudflare
etag: "5f06cac0-301af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa90f695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Guacamole_CPR_FINAL-F-1021x580-3.jpg
research.checkpoint.com/wp-content/uploads/2020/06/ 255 KB
255 KB 23ms
21ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/06/Guacamole_CPR_FINAL-F-1021x580-3.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a8ea973aead3c693246d935cde5e118787091dbd8044af4049d6298587463c

Request headers

:path: /wp-content/uploads/2020/06/Guacamole_CPR_FINAL-F-1021x580-3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 2025754
cf-polished: origFmt=jpeg, origSize=590084
content-disposition: inline; filename="Guacamole_CPR_FINAL-F-1021x580-3.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 260654
last-modified: Tue, 30 Jun 2020 05:53:32 GMT
server: cloudflare
etag: "5efad35c-90104"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa910695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 CheckPointResearchTurkishRat_blog_header.jpg
research.checkpoint.com/wp-content/uploads/2020/02/ 253 KB
254 KB 53ms
51ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/02/CheckPointResearchTurkishRat_blog_header.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9760dd765524d14d8a303aa64b92d8805eda3d0939d1943233ae3983af4afe9d

Request headers

:path: /wp-content/uploads/2020/02/CheckPointResearchTurkishRat_blog_header.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 1926044
cf-polished: origFmt=jpeg, origSize=557062
content-disposition: inline; filename="CheckPointResearchTurkishRat_blog_header.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 259238
last-modified: Sun, 16 Feb 2020 10:02:32 GMT
server: cloudflare
etag: "5e491338-88006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa911695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 CheckPointResearchAzureStack_blog_header-FINAL-1.jpg
research.checkpoint.com/wp-content/uploads/2020/01/ 197 KB
197 KB 63ms
61ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2020/01/CheckPointResearchAzureStack_blog_header-FINAL-1.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7fcb0d3c7aa7233a07b623712960046210e6e0a6d8060e1355fdfe1ca97d21

Request headers

:path: /wp-content/uploads/2020/01/CheckPointResearchAzureStack_blog_header-FINAL-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 13900997
cf-polished: origSize=206983, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 201288
last-modified: Fri, 24 Jan 2020 06:11:59 GMT
server: cloudflare
etag: "5e2a8aaf-32887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa914695d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 PhishingCanadianBanks_blog_1021x580-1.jpg
research.checkpoint.com/wp-content/uploads/2019/12/ 129 KB
129 KB 67ms
65ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2019/12/PhishingCanadianBanks_blog_1021x580-1.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c29cbdf7e33e987443f6f7b14b5f9e5ac7e15d3e755b725a8fa28c477e662b

Request headers

:path: /wp-content/uploads/2019/12/PhishingCanadianBanks_blog_1021x580-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 13900997
cf-polished: origSize=136390, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 131843
last-modified: Sun, 22 Dec 2019 09:00:05 GMT
server: cloudflare
etag: "5dff3095-214c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972caafa915695d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 5a3031770f16c70012a3c297.js Show response
buttons-config.sharethis.com/js/ 525 B
898 B 148ms
122ms Script
text/javascript 2600:9000:2182:4e00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5a3031770f16c70012a3c297.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:4e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eee6d8fe37122ba1538560131fe5c95f9a4b6c45e2059076a7a92513fcb12f20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:48 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2017 19:43:54 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "29c30155cdf2eaa96943948b94d537b6"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 525
x-amz-cf-id: 9N392DGywPoQOfVgR7Bc0AU6yc5sZn8s0tDwsx-el0iSuN2jJAnaqg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
345 B 41ms
10ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=research.checkpoint.com&location=%2F2021%2F27th-september-threat-intelligence-report%2F&product=sticky-share-buttons&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=27th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research&cms=unknown&publisher=5a3031770f16c70012a3c297&sop=true&version=st_sop.js&lang=en&description=For%20the%20latest%20discoveries%20in%20cyber%20research%20for%20the%20week%20of%2027th%20September%2C%20please%20download%20our%20Threat%20Intelligence%20Bulletin.%20Top%20Attacks%20and%20Breaches%20Conti%20ransomware%20gang%20has%20hit%20Covisian%E2%80%99s%20Spanish%20and%20Latin%20America%20subsidiary%2C%20Europe%E2%80%99s%20major%20customer%20service%20and%20call%20center%20providers%2C%20affecting%20several%20of%20their%20internal%20systems.%20According%20to%20the%20company%2C%20there%20were%20no...%20Click%20to%20Read%20More
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://research.checkpoint.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 CPR_blog_article.jpg
research.checkpoint.com/wp-content/uploads/2021/09/ 231 KB
232 KB 20ms
20ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2021/09/CPR_blog_article.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899936a56eeb98b2d78ec0a42105b3710d262e1b078f4afe4721135afcbfaf8d

Request headers

:path: /wp-content/uploads/2021/09/CPR_blog_article.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: research.checkpoint.com
referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 1317800
cf-polished: origFmt=jpeg, origSize=361582
content-disposition: inline; filename="CPR_blog_article.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 236674
last-modified: Thu, 02 Sep 2021 06:48:52 GMT
server: cloudflare
etag: "613073d4-5846e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6972cab019c6695d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 25ms
24ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 664
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6972cab03d2a5c7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 04 Oct 2021 04:01:47 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 26 KB
9 KB 26ms
8ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9ec1002988b30be58344be55afcc9b1075519b3e2a96380b35ad343922e0d7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8542
Pragma: no-cache
Last-Modified: Fri, 06 Aug 2021 19:26:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "610d8cce-69e1"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 01 Oct 2021 04:01:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4187
date: Fri, 01 Oct 2021 02:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 01 Oct 2021 04:52:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3ba17c77-81bb-4a83-8917-7b62de3d6e22/ 3 KB
2 KB 16ms
16ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3ba17c77-81bb-4a83-8917-7b62de3d6e22/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

899c1dee18a8a3984f50d360c2ff90dabe5a841febee6d9368e6806cb4c9372d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
cf-polished: origSize=3450
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fe6665a1-181f-419f-ae58-961c624d0b07
x-runtime: 0.094501
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"73cdcc746ee5953f8ce8483530b1f393"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6972cab0bdca5c7a-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 01 Oct 2021 05:01:47 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
699 B 45ms
18ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 04:01:47 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6178f58d-5b9e-4794-a672-eb0f027efd5a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://research.checkpoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
379 B 24ms
7ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10af20ed2e8225412f07ec5e9ba60de78083c6104c32e6b3a42a0dc81ecdd5a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://research.checkpoint.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 60ms
9ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Sep 2021 07:18:35 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2493793
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: 0Cef0kc3z31Gil_hNc9VKQEuiiTT8u0vEnxKNIFkCwS1OS-a1Vu36Q==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 61ms
10ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Sep 2021 06:43:20 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1459108
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: 6khce7ynyh05vkRHcFHLk0z7xhL__xEIYrLQBxdN6Bvp6GTe2Jk_RQ==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
678 B 61ms
11ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 01 Sep 2021 06:32:33 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2582955
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 7FRmbcoXipe81w4NIrHArIujKL5uDC9hrYqjkscNLkHkEYTrNtIO-Q==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
834 B 61ms
11ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 17 Sep 2021 18:32:37 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1157351
etag: "fa43b4ede18498b114fc7185993f6da7"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 456
x-amz-cf-id: smWStjJkdDLxgi66OCbmPNwrlLVwaWVJ0qTlddiNPAc8_T_zlg0mQw==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
721 B 62ms
12ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 18:39:39 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1502529
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: mZJB8GBV5UIsAwO1P-2gsWXEMJlpT2tfJumY4FsI_9Cflg7DoAALxQ==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 62ms
12ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 02:35:17 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1387591
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: -5W8zesJ7xKrJljy-fE2JRAlup2a6pqQFL13kn9g6mzqDqjRIuzo2Q==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
892 B 10ms
9ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 17 Sep 2021 06:11:13 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1201835
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: odzxka_w080XxN3fR-TD4ViBFJCkZHvD-AdDH7CB8Dr6rg_48Wz8Kw==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/reddit.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 28 Sep 2021 23:06:08 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 190540
etag: "78d796ca648d8a5e665b48ed0217c56a"
x-edge-origin-shield-skipped: 0
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 910
x-amz-cf-id: p5NSPwb7d90t5VLHnt5BrCxU-QSSB-wF4lvpOwQKVeF3fmd_XikBow==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
944 B 11ms
11ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 03 Sep 2021 13:15:42 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2385966
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: g73A1c01QTX2xExmKjL1nXHeBFmHaEd5Xg83D4MxV-BiNK9RPZ31ng==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
943 B 12ms
11ms Image
image/svg+xml 2600:9000:2182:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 22 Sep 2021 17:15:09 GMT
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 729999
etag: "9928d025bd5792b718ee0a185f62e67c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: 9wH8tXHdSGhLGZcugxBzPiNyyYBc0N-yw4LqnQJeeTIj8Quo6ESIGA==

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 487 B
492 B 34ms
16ms XHR
application/json 3.67.149.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.149.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-149-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5e9ad67c84642be141fab55e348db0cbd713d33c259eaa7e1100d5f3f89e15ec

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://research.checkpoint.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Token 87c67a7c5a9e9b4dd1824f6727ed4e43fadadde4
EpsilonCookie: 64bb1002553f00002b88566167020000556d4100

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://research.checkpoint.com
access-control-allow-credentials: true
content-length: 302

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 35ms
8ms Preflight 3.67.149.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Server: 3.67.149.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-149-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,epsiloncookie
Origin: https://research.checkpoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
server: nginx
access-control-allow-origin: https://research.checkpoint.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET
access-control-allow-headers: authorization,epsiloncookie

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 213ms
197ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A47%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
468 B 47ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-194688-3&cid=1054973443.1633060908&jid=1244410163&gjid=127192744&_gid=1166408356.1633060908&_u=YGBAgEABAAAAAE~&z=1369960504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Oct 2021 04:01:47 GMT
content-type: text/plain
access-control-allow-origin: https://research.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=510332874&t=pageview&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&ul=en-us&de=UTF-8&dt=27th%20September%20%C3%A2%C2%80%C2%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1244410163&gjid=127192744&cid=1054973443.1633060908&tid=UA-194688-3&_gid=1166408356.1633060908&gtm=2wg9r05JCRGP&z=604546007

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 18:02:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=510332874&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&ul=en-us&de=UTF-8&dt=27th%20September%20%C3%A2%C2%80%C2%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aGDAgEABAAAAAE~&jid=&gjid=&cid=1054973443.1633060908&tid=UA-194688-3&_gid=1166408356.1633060908&gtm=2wg9r05JCRGP&cd9=Acco%5BREDACTED%20EMAIL%5D.Tv%27s%20Account%20-%20ACcd4dd113&cd10=grauer.tv&cd11=&cd12=&cd13=&cd14=&cd17=Germany&z=959551553

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 18:02:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 18ms
18ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 752
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6972cab1cf415c7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 04 Oct 2021 04:01:47 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 40ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-194688-3&cid=1054973443.1633060908&jid=1244410163&_u=YGBAgEABAAAAAE~&z=1552153621

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 04:01:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 42ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-194688-3&cid=1054973443.1633060908&jid=1244410163&_u=YGBAgEABAAAAAE~&z=1552153621

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 04:01:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon Show response
onesignal.com/api/v1/apps/3ba17c77-81bb-4a83-8917-7b62de3d6e22/ 176 B
702 B 34ms
17ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/3ba17c77-81bb-4a83-8917-7b62de3d6e22/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

57e48df5586242df165fa8424ae8cb9e360c8e81b6a711736bf1f395a2c02a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
x-powered-by: Phusion Passenger(R)
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1a898373-5b6c-4613-838f-6717415ee65d
x-runtime: 0.007802
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"57e48df5586242df165fa8424ae8cb9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 6972cab218254e2c-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 01 Oct 2021 06:01:47 GMT

GET
H2 200 7ec0ceb7-c110-40e8-9782-73562b05b110.gif
img.onesignal.com/t/ 3 KB
3 KB 13ms
13ms Image
image/gif 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/t/7ec0ceb7-c110-40e8-9782-73562b05b110.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
cf-cache-status: HIT
age: 18
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2901
x-amz-id-2: IBKFkNsZJHLs//qz8dl3rgEfFQt6gwh9mj+myo0TSTFx4NMrcIxCTE9GD+uoBLNVwhnndQcEq7w=
last-modified: Mon, 26 Aug 2019 20:17:26 GMT
server: cloudflare
etag: "c425f4400a5c9dfbaecb24275f494931"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 691YVJAYFKY0BBAS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6972cab22fb65c7a-FRA
expires: Mon, 01 Nov 2021 04:01:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://research.checkpoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 297250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Sep 2022 17:27:37 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 27ms
10ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46357
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 28ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:47 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-BY
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200037-IAD, cache-hhn11573-HHN

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 39ms
7ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: A+wk38U41GD1jXTE/HzkRCbrHwrX8ARCSEzJ+u1bRdrxFbZi2nMPfRLnSM8luvdTwiLsg9CLX47hNczNYq9C1Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Oct 2021 04:01:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1633060907971%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true&e_ipv6=AQIG0...

0
156 B

319ms
121ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true&e_ipv6=AQIG0T8hUj86eAAAAXw6A-78AFV400c3qrkNuf2GiNROmGjKwEWC9pCINNcopZcLhGsVWBPtgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: BU9Umz7MqRbgCGxnSCsAAA==

Redirect headers

date: Fri, 01 Oct 2021 04:01:48 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1633060907971&url=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&liSync=true&e_ipv6=AQIG0T8hUj86eAAAAXw6A-78AFV400c3qrkNuf2GiNROmGjKwEWC9pCINNcopZcLhGsVWBPtgg
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: ZCcLgz7MqRZAN7EOnysAAA==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 133ms
116ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4aa25930-0009-42ef-bad5-b78435aaf416&tw_document_href=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 01 Oct 2021 04:01:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bc4526d618973d34f71a19b0d166933741ba974201e7786cbf68b9328ef94d38
x-transaction: bef01f5cd5a7770e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 130ms
113ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4aa25930-0009-42ef-bad5-b78435aaf416&tw_document_href=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 01 Oct 2021 04:01:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 80eadf3b5971848362c1d1405f50ee92b69e8feff200e2eb561cfd9a78b5f4f5
x-transaction: 9d10ac466faf9364
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42925a15f587187903789e678d7bce544a312565dc627a158df1ed9040282712

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: B0MxoDVbCiRARk6xf4VmGFQZsq3NrPrbbfGYBHeydXwG28nOfpgKWqVitmTCkqNpt3VB/NTGnztxiuULRG5i1A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Oct 2021 04:01:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sun, 09 Jan 2022 04:01:47 GMT

POST
H/1.1 200
OK visitWebPage
750-dqh-528.mktoresp.com/webevents/ 2 B
311 B 509ms
100ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://750-dqh-528.mktoresp.com/webevents/visitWebPage?_mchNc=1633060908002&_mchCn=&_mchId=750-DQH-528&_mchTk=_mch-checkpoint.com-1633060908002-51188&_mchHo=research.checkpoint.com&_mchPo=&_mchRu=%2F2021%2F27th-september-threat-intelligence-report%2F&_mchPc=https%3A&_mchVr=160&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/160/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://research.checkpoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 01 Oct 2021 04:01:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d73678ca-a9ad-401e-94cf-7a1933d0914e

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&rl=&if=false&ts=1633060908191&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633060908189.860255299&it=1633060907986&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Oct 2021 04:01:48 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 216ms
216ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A47%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:48 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=Microdata&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&rl=&if=false&ts=1633060908694&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%2C%22meta%3Adescription%22%3A%22Latest%20Research%20by%20our%20Team%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%2C%22og%3Adescription%22%3A%22For%20the%20latest%20discoveries%20in%20cyber%20research%20for%20the%20week%20of%2027th%20September%2C%20please%20download%20our%20Threat%20Intelligence%20Bulletin.%20Top%20Attacks%20and%20Breaches%20Conti%20ransomware%20gang%20has%20hit%20Covisian%E2%80%99s%20Spanish%20and%20Latin%20America%20subsidiary%2C%20Europe%E2%80%99s%20major%20customer%20service%20and%20call%20center%20providers%2C%20affecting%20several%20of%20their%20internal%20systems.%20According%20to%20the%20company%2C%20there%20were%20no...%20Click%20to%20Read%20More%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F%22%2C%22og%3Asite_name%22%3A%22Check%20Point%20Research%22%2C%22article%3Apublished_time%22%3A%222021-09-26T16%3A36%3A16%2B00%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fresearch.checkpoint.com%2Fwp-content%2Fuploads%2F2020%2F05%2FThreatIntelligenceBulletin.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221021%22%2C%22og%3Aimage%3Aheight%22%3A%22580%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633060908189.860255299&it=1633060907986&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 01 Oct 2021 04:01:48 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 199ms
198ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A48%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:49 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 180ms
180ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A49%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:50 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 183ms
183ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A50%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:51 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 179ms
179ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A52%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A51%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:52 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 wxbvs5zxy7iy.js Show response
js.driftt.com/include/1633061100000/ 214 KB
61 KB 183ms
131ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1633061100000/wxbvs5zxy7iy.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2021/27th-september-threat-intelligence-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fecb468b83f55a89343b6504341a4ede40a94fb16ad6e685147f0faba521f443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: .qS2Ub2EYI_s2A3EUW2B1rTHqL_c_O74
content-encoding: gzip
etag: W/"b6b84cce8b61dfdee3bbf1440cdecd26"
x-edge-origin-shield-skipped: 0
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:29:50 GMT
server: nginx
date: Fri, 01 Oct 2021 04:01:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VkRUUlrT4z09O-x7mg8q8qik0aZ8A2M_C8dj40GS0DRE3Yu6QbJOeQ==

GET
H2 200 core Show response
js.driftt.com/ Frame 104D 2 KB
1 KB 302ms
302ms Document
text/html 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1633061100000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1fc3822f7dc11be056b5fcef652759837d2e03655a666d3cf6dce57edf68b558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://research.checkpoint.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 30 Sep 2021 19:29:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .5nozklu3uRDdEPa.Oi6hOrrsi9TuFlw
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 01 Oct 2021 04:01:53 GMT
cache-control: no-cache
etag: W/"5c25477b35f510df12f74b6345f299a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 4qHSaZoiuEQQ0mmtl_VKCnp0r3hXexrHmgCjZ_Arvee05e1NPD-JVQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1148 2 KB
1 KB 302ms
302ms Document
text/html 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1633061100000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1fc3822f7dc11be056b5fcef652759837d2e03655a666d3cf6dce57edf68b558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://research.checkpoint.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 30 Sep 2021 19:29:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .5nozklu3uRDdEPa.Oi6hOrrsi9TuFlw
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 01 Oct 2021 04:01:53 GMT
cache-control: no-cache
etag: W/"5c25477b35f510df12f74b6345f299a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: KMylYiq0kwHBp2pK9TKDgK8-t1OpBX6AjHlXBPoRXN0YX1tCOQWuEQ==

GET
H2 200 runtime~main.cce2b570.js Show response
js.driftt.com/core/assets/js/ Frame 104D 6 KB
3 KB 10ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

442af90e2f39691cf8713d11494f9e2adf376e0c1c6a5e8c1126694bf0efcb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:47 GMT
server: nginx
etag: W/"da45c450171dcf80f8b3ead4ae862b8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ztYoqaPep272AnAOiHX7u6lXg1abI9Sc
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k8C2rmCc8vpf7BSshaXynkad9EtXUyZF87bhJZqJFp-92NiUdh0-sw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 58 KB
20 KB 13ms
12ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uC6EQ6kVyiEs-XiIkJxvCFWsSz_2ETdrOIc3gOP5gBlUanDYuRfdAA==

GET
H2 200 main~493df0b3.e771f19b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 6 KB
3 KB 10ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e771f19b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2dafb4c739fbf5d52042d02b5346f60121ff607b6175e44bb5af8a4d4d5141fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:36:40 GMT
content-encoding: gzip
age: 343513
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 24 Sep 2021 14:18:07 GMT
server: nginx
etag: W/"b7041fcff7097ac261c9216ad56c7aea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T_VpUe7iNPN6IMRAW9dNGIyA_P_cEnOb
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1-bv0GxbF_jl6pH1RilP2_iE4-XUMnkyvZlToH7wssrZw2Sk2NHMVA==

GET
H2 200 runtime~main.cce2b570.js Show response
js.driftt.com/core/assets/js/ Frame 1148 6 KB
3 KB 10ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

442af90e2f39691cf8713d11494f9e2adf376e0c1c6a5e8c1126694bf0efcb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:47 GMT
server: nginx
etag: W/"da45c450171dcf80f8b3ead4ae862b8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ztYoqaPep272AnAOiHX7u6lXg1abI9Sc
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nZcns64dPkFmEIxRYaKho_jAuAyMSCDZPvoFPG7DdRG9YS57auZIiA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 58 KB
20 KB 11ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V3nWiXIjdbg-hJuWLNxVm96OvTvDdcsywDUAL1e0JI1SuVFVdx3XDw==

GET
H2 200 main~493df0b3.e771f19b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 6 KB
3 KB 11ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e771f19b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2dafb4c739fbf5d52042d02b5346f60121ff607b6175e44bb5af8a4d4d5141fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:36:40 GMT
content-encoding: gzip
age: 343513
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 24 Sep 2021 14:18:07 GMT
server: nginx
etag: W/"b7041fcff7097ac261c9216ad56c7aea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T_VpUe7iNPN6IMRAW9dNGIyA_P_cEnOb
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5nsB-BhqdpontVf36Aj6jaESVLXsNX0dzlwEDjcDyNfWeRkwS0QUrQ==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 47 KB
14 KB 11ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:58 GMT
content-encoding: gzip
age: 294955
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MOVvzzV-JqiqRRgpCMu1yEhPjf3pGgXu9wa4d1A_GLP893ffKu2TDw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 44 KB
13 KB 10ms
9ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:45:04 GMT
content-encoding: gzip
age: 44209
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 14:53:53 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: epMuKR1SK2idtGdfgpFU1pzsaoH_Wikv
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -KJ5sNMkLWOEa04MWI-XzipsH3luY9UEDbYzmrmT9b9MsJKDM2_Heg==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 25 KB
8 KB 11ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SpPmTuUYAUHWPFJoPBz6qVWMDZRhwJtbCtF2lnUTddyMu5DmZzbKMQ==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 16 KB
5 KB 13ms
12ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sdcmku7ptCJwJLHqLHPhH7l0rHo_e5BuuNj7k2OJZUaXAVnPhueBPA==

GET
H2 200 19.990a7667.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 68 KB
21 KB 11ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.990a7667.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 2383109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:01 GMT
server: nginx
etag: W/"e90795967e116591284f1b56d8085a5d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sqAeBNndNqCDnUDpxtBkko44xwryPo34
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Iwtkydy3qmn74aaNO4F9_gD2EkAvmCJTTO0AXwRVjyCjpr-Asr-JGA==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 16 KB
6 KB 13ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7W8g-ieFLW-y6orWRPv4A04Kd5_o0FHgFfXPQogXzpzq6XYi0GliPQ==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 59 KB
19 KB 14ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OSsKQPGUUAyedugaIUW7B1cwsHSmOUpgALPHRH1s7AzPbMfu2rUSDw==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 91 KB
28 KB 14ms
14ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LhKGIjNKqzCQy3l0iJ00Q3nqrcjsGpY_Y4swmES0XnJ5JKd3iw0w2g==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 23 KB
7 KB 15ms
14ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mc7dkc03r0pig3HNBg-nmAe8NPfZZA4YxXBI6wgSBlWn_JX4M5r5Pg==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 62 KB
19 KB 15ms
14ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fU_Na6buAxTALpOp9lCKqzcHfodmD18iueOLbaoJScjLBwPevRdD2w==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 105 KB
34 KB 18ms
17ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DmHm6CTaIWImTc41Jiz0piDY3y-MnTzKbZklf5ApJJAtPa6C06RdOw==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 12 KB
4 KB 21ms
21ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qOi2PGJ1grZnxY6CHkpgBhriq83Lby6NCrIYDcKIFDGckiL6zYHsdQ==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 12 KB
5 KB 22ms
22ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YqEQ5Wc1Etl1y60t5kmLleeawEU6WD1thHVGmPDy2b9O1tcQt-eqiQ==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 17 KB
7 KB 27ms
27ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9u_O1lZUEIVvYJt1nqsRv-4KW0UNiDXpQQBo0f3RsEl5jmEQsifeRw==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 12 KB
3 KB 27ms
27ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 2973948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HpWDRGIMDfklSLxSq3fyd5tO_8aIeYDe-3bAiASZtndgzVCEtyKzEg==

GET
H2 200 7.91ba1517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 70 KB
21 KB 22ms
22ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.91ba1517.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 1948882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:43 GMT
server: nginx
etag: W/"e31621c6ca6e135e537a9dfa1049434f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vczZQgXoO.uqP6FiSFSNBccGF7xrJ2AC
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dR032nJqocsZ4IEmGQGWJ1nuGAWUsW0TJ_4q1sJvEWr2Xuo5Dk9DBg==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 24 B
667 B 23ms
22ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1cByza-5tUMpR4Ve5GgP1RBNx35QDlSA8ThdpmrYN1-_Hvc3KwFBDA==

GET
H2 200 14.878d84dc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 71 KB
18 KB 23ms
23ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.878d84dc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 1948882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:41 GMT
server: nginx
etag: W/"0ed7c022cdd25d839293a533b47491a2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JaFnYD_9ozyFk7Pk7zw3.oXS95ZlGb_e
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pJJcFfTqnOZ9G7wdHtm0vdqvBcz0BfrYx9MJe2w66e48RjPN1BkYiQ==

GET
H2 200 21.0829076b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 44 KB
12 KB 26ms
26ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.0829076b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

844cc9e774b9be396d567ee3b49acda3d537677cf3c41502ad299df96e9c9a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:38:19 GMT
content-encoding: gzip
age: 1412614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 14 Sep 2021 18:57:09 GMT
server: nginx
etag: W/"5f14252d5de2cee3a3955a908db2c7f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wuagUGJVcI3Pm9yHxfH1bODPUsEb8uwt
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QT_X4j64vwNuJVkj-76xcCKoNbL9bn83lv9AL5JzT_W9du9IJnjTgw==

GET
H2 200 13.25ec5280.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 38 KB
13 KB 24ms
24ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.25ec5280.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1aa3a24204dc9d9c082bf6cdaf65a83c8d9156af8d382a51ec505b575b7a42d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:44 GMT
server: nginx
etag: W/"6e39a50f709beea67d6c24c890e08ddc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ttWHBni.aFeiCfuTxnxgqWWqDTobpqHg
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OljDivhGAHiQ3lto9b3sqjWKYZWDxoHmVcJQttp_l-c6fS3jN1clhg==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 47 KB
14 KB 22ms
22ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:58 GMT
content-encoding: gzip
age: 294955
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y0lSdkcOAO8zLuF_Fp2g89nudh90fF6fem7XvmC19Pl24D_CU8TNKw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 44 KB
13 KB 24ms
23ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:45:04 GMT
content-encoding: gzip
age: 44209
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 14:53:53 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: epMuKR1SK2idtGdfgpFU1pzsaoH_Wikv
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qQBRstz9Eer0iPAhyBOKK-zvIPSX9hc9maHdSufK6GTII9eW0clCPQ==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 25 KB
8 KB 25ms
23ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WgEBKacaLxckxxts-67aWQ0EyrlUfzEBFsUIl8x_eKSt8DXtRU-LaA==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 16 KB
5 KB 25ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rcdvFMrgKpAvJK54wEBMFTqu2OVv6GPnFbAlupPmR7Hn_SVGkxdShw==

GET
H2 200 19.990a7667.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 68 KB
21 KB 25ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.990a7667.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:03:24 GMT
content-encoding: gzip
age: 2383109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 13:37:01 GMT
server: nginx
etag: W/"e90795967e116591284f1b56d8085a5d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sqAeBNndNqCDnUDpxtBkko44xwryPo34
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WIxbOteW8Hb5PFrBuGqCoav7wt0sW-O1z34x8IZQOK3bx1xvrt64_Q==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 16 KB
6 KB 20ms
6ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WqSxOAXAAlojVic7fb1n4HXC_aBJbVZQlqmqbQFRbwW-9o2KPg01MA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 59 KB
19 KB 21ms
6ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y4L6AQRHORNwDVNvNGOjHIfRbBQsmACYNSRxi3a8af4HcGG-EPYkrA==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 91 KB
28 KB 21ms
7ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QtBEQ7_L1HUBykNAEfgTJtupovMn5DZPSB1hWniuVLWgc3W29cbF_w==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 23 KB
7 KB 24ms
9ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vu6DAgRvnojmhNCd_Nyuq7unyLhQYr04CWNako5IeV-WEqGGglpKOg==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 62 KB
19 KB 23ms
7ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2TGMYBJ2OycFQZAYjjdRjQhb--jhVZ3uopSOui7kOCrO6oW8m0Vbqg==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 105 KB
34 KB 23ms
8ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ecGJIGc33C5lc41YvEglMbTmCu1Rwnjbuw44R4AgTO_OOObZ5BG-YQ==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 12 KB
4 KB 25ms
9ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9kdrvDvFrvq3MP7G_nd9T7RtaRFlJ5yl3wjhqqm16QT_AeOFt8NLVg==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 12 KB
5 KB 25ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JHYicTiN6ajFYYHUo-d20fP2CeXprEB0PvtO4XFM1D-1Ri6tlJoCvA==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 17 KB
7 KB 26ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bYfy_NEFzyX9puos1nbzuy3cN2zeSHDvgRvtXkvBCJaCvCwb9aADVQ==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame 104D 12 KB
3 KB 21ms
6ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 2973948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _KkaYuOVnNJgDqYnVHO6FMmLzVtkgHHQ
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oQQCMljeQGQUWvB-tbfTpecQKhnvJ3Hop7TwUoKOniFY4qAbWbxWdA==

GET
H2 200 7.91ba1517.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 70 KB
21 KB 26ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.91ba1517.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 1948882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:43 GMT
server: nginx
etag: W/"e31621c6ca6e135e537a9dfa1049434f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vczZQgXoO.uqP6FiSFSNBccGF7xrJ2AC
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RNSNzEbghauEakz7cFPZHyk_WxjQBiFy1bMIk5tIXyhD6MprqKDiFw==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 104D 24 B
667 B 21ms
6ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
age: 4782575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: isN09ezWkxvH5uKkgi8CHkfrXYP-CCoOvnXdtS1fZfES1u2Tx4qpqg==

GET
H2 200 14.878d84dc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 71 KB
18 KB 27ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.878d84dc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:40:31 GMT
content-encoding: gzip
age: 1948882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 08 Sep 2021 13:26:41 GMT
server: nginx
etag: W/"0ed7c022cdd25d839293a533b47491a2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JaFnYD_9ozyFk7Pk7zw3.oXS95ZlGb_e
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5eOPmxn_5S1x1ize60Voo8I-zwRQpoH4KQb576Zp_KRkNwKCawqrbA==

GET
H2 200 21.0829076b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 44 KB
12 KB 28ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.0829076b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

844cc9e774b9be396d567ee3b49acda3d537677cf3c41502ad299df96e9c9a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:38:19 GMT
content-encoding: gzip
age: 1412614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 14 Sep 2021 18:57:09 GMT
server: nginx
etag: W/"5f14252d5de2cee3a3955a908db2c7f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wuagUGJVcI3Pm9yHxfH1bODPUsEb8uwt
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zm6XiRParlw1tn4eQGcnVXWoGBYchuiDyfeomhKe7NLPpk-pc-5V6w==

GET
H2 200 13.25ec5280.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 38 KB
13 KB 29ms
15ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.25ec5280.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1aa3a24204dc9d9c082bf6cdaf65a83c8d9156af8d382a51ec505b575b7a42d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:44 GMT
server: nginx
etag: W/"6e39a50f709beea67d6c24c890e08ddc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ttWHBni.aFeiCfuTxnxgqWWqDTobpqHg
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S1ZKm9I1faqsWT1GzFSwL2wKwhCU15FBdujsJpVTEXRkWsQqUx7M3w==

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 6 KB
1 KB 11ms
10ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 8080326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F8GYp22gjyjwFvwR_WYIt3yeBfSybaOmUXXrDr6wG5D3aN_Zssk3WA==

GET
H2 200 30.894b0c48.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 2 KB
2 KB 10ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.894b0c48.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 3318816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oTk.1igsNjrA3psg1hKGFNuJF2l7cLg8
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FRPZAea_7BZFyK1rYgfxdojCHGdh7lVoOPIR020RCEIzqvCVv8ekCQ==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 180ms
180ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A52%20GMT%22%2C%22timeSpent%22%3A%221060%22%2C%22totalTimeSpent%22%3A%226069%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 04:01:53 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 44 KB
13 KB 11ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:01:53 GMT
content-encoding: gzip
age: 118800
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 29 Sep 2021 15:21:06 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hwV0oz1FdEs4weSHBOgO4zDGgKskWNX4
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rU23oh0FADFj-cDJtSYM6KqH8ndlDzSz_di6EUw2Gc9yhYC28BKAFQ==

GET
H2 200 25.ff79a1b3.chunk.css
js.driftt.com/core/assets/css/ Frame 104D 8 KB
2 KB 10ms
9ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.ff79a1b3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fe4979bacb0e09f7aaed1c69dc2e0fc3d0134f62022d04bdbe4a8d4728701d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:26:46 GMT
content-encoding: gzip
age: 2378107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:30 GMT
server: nginx
etag: W/"ee2864ae799c33f0f2d115315233a9c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WXr5O6YgCJ7Y3h3j4uzACRnTLS40F5Vg
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNd2mPMO_Wx7_Cy8ZZM0_LmZEDNG6tECvq_d_FPDA6Jh0YQkbYZwJQ==

GET
H2 200 25.029558f2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 11 KB
5 KB 11ms
10ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.029558f2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a485a72c3f73fcff7be85bbf8ebc6d96ab33957d69656d15c736e2bca689ae11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:45 GMT
server: nginx
etag: W/"6287546fddc8c9a56249e2013e291586"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sY82YnSNAIjmM0UdiyNwdFMw_vc_hhFU
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uz1J8RoaD-KtRKHRuLVA_Tzj9KtsRJaqj--R2LBu7z29SUF1m7RggA==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 104D 365 B
1007 B 12ms
12ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 03:12:44 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
age: 2162949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 03 Sep 2021 14:38:30 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UKSWsWGbGioCjmYeX_nlq0JBJLACRmtV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: znk6PkoSbkt-JhTKBVooy0qgjAZpinKaBuf2kYdg4SYhyeyw343mbA==

GET
H2 200 17.30d907e0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 104D 83 KB
23 KB 11ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.30d907e0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9dd398099bab6f03422975c1113afeb82506d3fcdfa7ffd381d3f76be762cf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=7cf49360-c402-4251-8fd5-de7b4942e172&sessionStarted=1633060913.16&campaignRefreshToken=cff6e866-ddf8-45f7-922e-c846b8e7c70b&hideController=false&pageLoadStartTime=1633060907303&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:29:37 GMT
content-encoding: gzip
age: 30736
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 19:15:44 GMT
server: nginx
etag: W/"a427a00cfa52a1a8b54ae4ec8763381f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ON20OIDzuJkFV7pxLkZHGYXlkthBhzDS
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qCTBLCTS-TQoJmCjEjeGGLiwh28dPptWpU92vewhMnKQD1V6G0Eldw==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 7 KB
2 KB 10ms
10ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 07:05:26 GMT
content-encoding: gzip
age: 2148987
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:30 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3lCc5pGZRKjCHfgJqwvBl_pDrcMRgYg
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oSjkDxeK1sNXfZa1uqXJrbwoeVdus57RjeGPXFX4TL0Ph5jZ0fdoQg==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 54 KB
16 KB 11ms
11ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 4968292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zXwNWUBaTx14RxCTTjUKCS2Uobs98RUCnqualeBlLd7yNDzPDs3gSQ==

GET
H2 200 0.00bf53d7.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 41 KB
7 KB 12ms
12ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.00bf53d7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

27d4bda3cf3271bfad262305b912b7335878f4ebe77c656ee4bc89d5f366a027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:12:00 GMT
content-encoding: gzip
age: 298193
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 13:54:51 GMT
server: nginx
etag: W/"dca5ce689fe85e9122a06fb4729c54db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QipVG0Ch1eHEmTkEV9qp_l_RzBYOF65s
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CTHeAyAni8OH6fwCoGKEYF9WRkCZIYiTTVtPD2daj2yol9cVSCxcwQ==

GET
H2 200 0.a808a42e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 64 KB
21 KB 13ms
12ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.a808a42e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

761c6e542997fe950891c5c295bdc5d8615d97f8370b06d82056d20b4cb38bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:12:00 GMT
content-encoding: gzip
age: 298193
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 13:54:52 GMT
server: nginx
etag: W/"a212a0b056eebe9a087e456a22dafaeb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dvAAYS7PEVznXYqlctOrPlZmJQurTJjV
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NjYVbFy4MV1hC38ybFQ8akvjUA7zZjS4_CqrbfeDlZJ5fkgjWmppUw==

GET
H2 200 28.a35d8593.chunk.css
js.driftt.com/core/assets/css/ Frame 1148 11 KB
3 KB 14ms
14ms Stylesheet
text/css 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.a35d8593.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 2973948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"4e87789253b9d2feb20461043b23122f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: J1sEuldtMhnAnjgvjFcK0h4LMaWYJ2d9
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTYKjCkCDXecO1YSeulVE7hIoz0MopzLqD0y0vwlbCKh8Lr1sIsbLQ==

GET
H2 200 28.68265fc3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1148 11 KB
5 KB 13ms
13ms Script
application/javascript 13.226.145.61

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.68265fc3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cce2b570.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.61 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

719aee21d06e6900348b6662101171a4e39cbe1797d6881590063039adca1353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1633060907303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:38:19 GMT
content-encoding: gzip
age: 1412614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 14 Sep 2021 18:57:09 GMT
server: nginx
etag: W/"2626d4903b3d10ae2015ef77bd7d0efb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e4nsu3dlb7Vs7jGEQ0UpzSWHL85aRxQ1
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ONTKY_5WNiZ-mYqpjs11s4NKl60sP443dDlzjaNKP-yn0SGJg-rL4w==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 104D 25 B
123 B 115ms
115ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Oct 2021 04:01:54 GMT
server: istio-envoy
requestid: b294763ceb3a367f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 334ms
105ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 01 Oct 2021 04:01:54 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8b12e42489c8350dad9a03508b4
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame 104D 5 KB
773 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.25ec5280.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 02:24:31 GMT
server: ESF
date: Fri, 01 Oct 2021 04:01:53 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 01 Oct 2021 04:01:53 GMT

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 104D 103 B
200 B 103ms
103ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

9a5211f83ae7ff66f5d75abc832474c3e3fb3f35a46e983b9d093d209bae9521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Oct 2021 04:01:54 GMT
server: istio-envoy
requestid: 3b1fb86bc65bf090
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 316ms
104ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 01 Oct 2021 04:01:54 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift49328014429af715d4a8731c510
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 wxbvs5zxy7iy.json Show response
embeds.driftcdn.com/embeds/ Frame 104D 29 KB
9 KB 55ms
17ms XHR
application/json 13.226.145.59

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/wxbvs5zxy7iy.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.59 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebc359a270a7d60942e91a881a223c83e28e839a6d9ee0d34ae291edefaf43af

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:01:54 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 02:39:42 GMT
server: AmazonS3
etag: W/"92ed9e8c40f3d75a096f3cc0c8420412"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: e82dmofDJjE92Cko0Ioqi_8hUnoF4IRKHBDCnvQM3QRBMEt0NqwkRw==

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=64bb1002553f00002b88566167020000556d4100&session=bc935ebd-5403-4f20-879c-1c4a71e7d935&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A54%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2001%20Oct%202021%2004%3A01%3A53%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227070%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%2227th%20September%20%E2%80%93%20Threat%20Intelligence%20Report%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2021%2F27th-september-threat-intelligence-report%2F&pageViewId=b48b1eef-ae8b-4b92-85f5-d193a0c8e47f&an_uid=0

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
research.checkpoint.com/2021/27th-september-threat-intelligence-report	1969-12-31 23:59:59	Name: referralURL Value:
.6sc.co/	1970-01-20 15:08:52	Name: 6suuid Value: 64bb1002553f00002b88566167020000556d4100
research.checkpoint.com/	1970-01-20 15:08:52	Name: _gd_svisitor Value: 64bb1002553f00002b88566167020000556d4100
research.checkpoint.com/	1970-01-19 21:47:45	Name: _an_uid Value: 0
research.checkpoint.com/	1970-01-20 15:08:52	Name: _gd_visitor Value: d1a83a10-4b95-4149-80de-42a22cbb2768
research.checkpoint.com/	1970-01-19 21:37:55	Name: _gd_session Value: bc935ebd-5403-4f20-879c-1c4a71e7d935
.checkpoint.com/	1970-01-20 15:08:52	Name: _ga Value: GA1.2.1054973443.1633060908
.checkpoint.com/	1970-01-19 21:39:07	Name: _gid Value: GA1.2.1166408356.1633060908
.checkpoint.com/	1970-01-19 21:37:40	Name: _dc_gtm_UA-194688-3 Value: 1
.checkpoint.com/	1970-01-20 15:08:52	Name: _mkto_trk Value: id:750-DQH-528&token:_mch-checkpoint.com-1633060908002-51188
.twitter.com/	1970-01-20 15:08:52	Name: personalization_id Value: "v1_iWXArYUqREZc3XzU2WsuDw=="
.checkpoint.com/	1970-01-19 23:47:16	Name: _fbp Value: fb.1.1633060908189.860255299
.linkedin.com/	1970-01-19 22:20:52	Name: UserMatchHistory Value: AQJepp5YIfxjTQAAAXw6A-2AQCwLfgJ6dXWFl3UZvxEEh0Xr6wM0CvvssfV6o8bxrNuntVQRDLZJiQ
.linkedin.com/	1970-01-19 22:20:52	Name: AnalyticsSyncHistory Value: AQL5qm3FQ5rVMQAAAXw6A-2AiDX1znTjEqxj0-d_r-rI09I8pqMEh-QLbLuxZl6Z_7sfw2BSESBaTWrPXjxyog
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:09:34	Name: bcookie Value: "v=2&739d7a2d-5293-4fd3-8ce8-52599743a7dd"
.linkedin.com/	1970-01-19 21:39:07	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2542:u=1:x=1:i=1633060908:t=1633147308:v=2:sig=AQGjjzw5Icd9eVKVy1xJftL6apEcL0J3"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:09:34	Name: bscookie Value: "v=1&20211001040148125f759f-a922-47af-8d44-9d6368b4a8d2AQEV17c9ZOa4Z-hoU9FNipLtMxsPas4C"
.linkedin.com/	1970-01-20 15:04:22	Name: li_gc Value: MTswOzE2MzMwNjA5MDg7MjswMjFDZeYw+fYN5N8yM7aHPlHqQakupkNnVgWktr/lkbqnEg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750-dqh-528.mktoresp.com
analytics.twitter.com
b.6sc.co
bootstrap.api.drift.com
buttons-config.sharethis.com
c.6sc.co
cdn.onesignal.com
code.jquery.com
connect.facebook.net
embeds.driftcdn.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
img.onesignal.com
j.6sc.co
js.driftt.com
l.sharethis.com
metrics.api.drift.com
munchkin.marketo.net
onesignal.com
platform-api.sharethis.com
platform-cdn.sharethis.com
px.ads.linkedin.com
px4.ads.linkedin.com
research.checkpoint.com
sc1.checkpoint.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
b.6sc.co
104.111.231.109
104.111.233.140
104.111.234.67
104.244.42.195
104.244.42.69
108.174.10.14
13.226.145.47
13.226.145.59
13.226.145.61
141.193.213.20
185.33.220.145
192.28.144.124
199.232.136.157
2001:4de0:ac18::1:a:3a
2600:9000:2182:4e00:c:abe:f440:93a1
2600:9000:2182:be00:1d:85c3:6640:93a1
2606:4700:3037::6815:4e07
2606:4700::6812:e134
2606:4700::6812:e234
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:80e::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9c
2a02:26f0:6c00:2b0::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.67.149.147
50.16.7.188
52.29.0.64
54.147.21.139
010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79
0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b
0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a
10af20ed2e8225412f07ec5e9ba60de78083c6104c32e6b3a42a0dc81ecdd5a3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76
1aa3a24204dc9d9c082bf6cdaf65a83c8d9156af8d382a51ec505b575b7a42d4
1ab2216f41605ccbff090c54435afc67d7f258ac81815892dacdbf3deca54a87
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1fc3822f7dc11be056b5fcef652759837d2e03655a666d3cf6dce57edf68b558
24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27d4bda3cf3271bfad262305b912b7335878f4ebe77c656ee4bc89d5f366a027
27e3e60081926b895d5615743273a67f3280908e74e364f789df932ddc0661e8
28bf8a14cc3a9afd1252e081c83111e9cc5856a949c41260987b454b27a5a6f8
2dafb4c739fbf5d52042d02b5346f60121ff607b6175e44bb5af8a4d4d5141fb
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0
3bef21bc8b3ccb5bdfdfa9121cdf9514978b5bee4d4a937c97ad0f71b95bf035
3f7fcb0d3c7aa7233a07b623712960046210e6e0a6d8060e1355fdfe1ca97d21
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
42925a15f587187903789e678d7bce544a312565dc627a158df1ed9040282712
442af90e2f39691cf8713d11494f9e2adf376e0c1c6a5e8c1126694bf0efcb8f
475d17d786e093413ff089c2a04557fe87613a937a57b71cc4e52134334dd549
47e3482c9085cffebfe163e19c4bc6ab7a51a18cf30c12ed15033ff973fb14ee
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e48df5586242df165fa8424ae8cb9e360c8e81b6a711736bf1f395a2c02a2f
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e9ad67c84642be141fab55e348db0cbd713d33c259eaa7e1100d5f3f89e15ec
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6048e330c0f362be46b20de45d35a5ace57a04be04a29da10448d6949f6f69ce
6a3e2ff9c3e1fe170d596eb368690eff259e9e9693af660e4796f6e5ea8092f6
719aee21d06e6900348b6662101171a4e39cbe1797d6881590063039adca1353
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
761c6e542997fe950891c5c295bdc5d8615d97f8370b06d82056d20b4cb38bb2
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7e0c4a1ed3d232553d98c82ea0e04cee8975d0a67df819e161f96e7c32179e8c
7f5bd223eafa1c6d1aff21c91c6bfb825f7f36830d97eef41c432681ed671f85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844cc9e774b9be396d567ee3b49acda3d537677cf3c41502ad299df96e9c9a3b
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a8ea973aead3c693246d935cde5e118787091dbd8044af4049d6298587463c
899936a56eeb98b2d78ec0a42105b3710d262e1b078f4afe4721135afcbfaf8d
899c1dee18a8a3984f50d360c2ff90dabe5a841febee6d9368e6806cb4c9372d
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f
9760dd765524d14d8a303aa64b92d8805eda3d0939d1943233ae3983af4afe9d
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9a5211f83ae7ff66f5d75abc832474c3e3fb3f35a46e983b9d093d209bae9521
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9dd398099bab6f03422975c1113afeb82506d3fcdfa7ffd381d3f76be762cf2c
9ec1002988b30be58344be55afcc9b1075519b3e2a96380b35ad343922e0d7ec
a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a485a72c3f73fcff7be85bbf8ebc6d96ab33957d69656d15c736e2bca689ae11
a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5
a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516
a9b2d0b6836a6742f2ed98e869c1440b6ab2e73dbd87e346389ad4aa3186b4c5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb170a85af5c17e9a6efa0309bb2f4bbcd84987e8808401e6acc9023737c02c
ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b049970b7e8ff76ac4c87ab5aecba4d748c51f541e5d6f4f6b198910fdcf076f
b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242
b409a25be19b9494a8c248fc9e5068f933903da1dc0494b4f17120c300e53e7c
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe
bb0610c35f9a429f5c3cf77d501f14f3740516830849dc6fea1c4baa84c95109
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
c0f7ef8329ae6da56bd269492901fb024a05d7b67e977995a82b506af4b3b030
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2c29cbdf7e33e987443f6f7b14b5f9e5ac7e15d3e755b725a8fa28c477e662b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e60fe4713184efbce78a84f4fe694f7e2cee7e62b19ab7c65006e6c19cebfc
e6dd0854f0a88166286a6f6b54835b2da64b17de089ea7648aeebd6fba9fd3d0
ebc359a270a7d60942e91a881a223c83e28e839a6d9ee0d34ae291edefaf43af
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
eee6d8fe37122ba1538560131fe5c95f9a4b6c45e2059076a7a92513fcb12f20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32
fe4979bacb0e09f7aaed1c69dc2e0fc3d0134f62022d04bdbe4a8d4728701d67
fecb468b83f55a89343b6504341a4ede40a94fb16ad6e685147f0faba521f443
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

research.checkpoint.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

99 %HTTPS

51 %IPv6

27 Domains

38 Subdomains

34 IPs

4 Countries

3567 kBTransfer

6814 kBSize

20 Cookies

29 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

research.checkpoint.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

99 %
HTTPS

51 %
IPv6

27
Domains

38
Subdomains

34
IPs

4
Countries

3567 kB
Transfer

6814 kB
Size

20
Cookies

159 HTTP transactions
0 data transactions