pages.getretain.com Open in urlscan Pro
104.16.94.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=
Effective URL:
https://pages.getretain.com/Recover-More.html
Submission: On August 24 via manual (August 24th 2023, 7:18:02 pm UTC) from IN — Scanned from DE

Summary HTTP 141 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 25 domains to perform 141 HTTP transactions. The main IP is 104.16.94.80, located in and belongs to CLOUDFLARENET, US. The main domain is pages.getretain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.

This is the only time pages.getretain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.184.251.130 52.184.251.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
9	95.100.146.27 95.100.146.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
69	13.224.222.23 13.224.222.23	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:25e... 2600:9000:25eb:9e00:9:d7d4:1380:93a1	16509 (AMAZON-02) (AMAZON-02)
8 8	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:f200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	44.239.250.189 44.239.250.189	16509 (AMAZON-02) (AMAZON-02)
1	52.26.188.232 52.26.188.232	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
141	30

1 52.184.251.130 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

email.click.getretain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.94.80 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.getretain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

templates.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.trueaccord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

134-fau-232.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.100.146.27 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-27.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 13.224.222.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-222-23.lhr61.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25eb:9e00:9:d7d4:1380:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:21::14 (United States) 8 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:f200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.250.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-250-189.us-west-2.compute.amazonaws.com

insights.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.188.232 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-188-232.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 5702	884 KB
10	linkedin.com 8 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357 www.linkedin.com — Cisco Umbrella Rank: 582 px4.ads.linkedin.com — Cisco Umbrella Rank: 6211	9 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5612 c.6sc.co — Cisco Umbrella Rank: 8464 ipv6.6sc.co — Cisco Umbrella Rank: 5885 b.6sc.co — Cisco Umbrella Rank: 3914	18 KB
9	getretain.com email.click.getretain.com pages.getretain.com	585 KB
6	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6539 metrics.api.drift.com — Cisco Umbrella Rank: 6378 event.api.drift.com — Cisco Umbrella Rank: 7126	5 KB
6	trueaccord.com pages.trueaccord.com	855 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6490	778 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	4 KB
4	marketo.net templates.marketo.net — Cisco Umbrella Rank: 154300 munchkin.marketo.net — Cisco Umbrella Rank: 3366	8 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1065	88 KB
3	metadata.io cdn.metadata.io — Cisco Umbrella Rank: 31477 insights.metadata.io — Cisco Umbrella Rank: 32959	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	244 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 ajax.googleapis.com — Cisco Umbrella Rank: 366	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 982	31 KB
1	usbrowserspeed.com a.usbrowserspeed.com — Cisco Umbrella Rank: 6879
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 859	378 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150	2 KB
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 54576	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 772	5 KB
1	mktoresp.com 134-fau-232.mktoresp.com	318 B
1	gstatic.com fonts.gstatic.com	27 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	3 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6030	431 B
141	25

	Domain	Requested by
69	js.driftt.com	email.click.getretain.com js.driftt.com
8	pages.getretain.com	email.click.getretain.com pages.getretain.com
7	b.6sc.co	pages.getretain.com
6	px.ads.linkedin.com	6 redirects
6	pages.trueaccord.com	pages.getretain.com
4	www.google.de	pages.getretain.com
4	www.google.com	1 redirects pages.getretain.com
4	use.fontawesome.com	pages.getretain.com use.fontawesome.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	www.googletagmanager.com	pages.getretain.com www.googletagmanager.com
3	munchkin.marketo.net	pages.getretain.com munchkin.marketo.net email.click.getretain.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	insights.metadata.io	cdn.metadata.io
2	px4.ads.linkedin.com	pages.getretain.com
2	www.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	pages.getretain.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	a.usbrowserspeed.com	cdn.metadata.io
1	cdn.linkedin.oribi.io	snap.licdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.metadata.io	email.click.getretain.com
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	email.click.getretain.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	email.click.getretain.com
1	134-fau-232.mktoresp.com	munchkin.marketo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	pages.getretain.com
1	templates.marketo.net	pages.getretain.com
1	cdnjs.cloudflare.com	pages.getretain.com
1	fonts.googleapis.com	pages.getretain.com
1	bit.ly	1 redirects
1	email.click.getretain.com
141	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
getretain.com

Subject Issuer	Validity	Valid
pages.getretain.com Cloudflare Inc ECC CA-3	`2023-08-08` - `2024-08-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
pages.trueaccord.com Cloudflare Inc ECC CA-3	`2023-08-02` - `2024-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-04`	a year	crt.sh
*.metadata.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-18` - `2024-01-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pages.getretain.com/Recover-More.html
Frame ID: 8F458E8691B2A5E7346BA0DBE9E3DEFC
Requests: 66 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
Frame ID: 9165A0D3BC8C73F5737BDE1994FC8610
Requests: 37 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
Frame ID: D4B7D2BF14F13E2FFA7F74504E32496B
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH... Page URL
http://bit.ly/3YQ2qnZ?mkt_tok=MTM0LUZBVS0yMzIAAAGNx65chn0eOoISF674Ot_aU2bwdThja5AKRFQH8IDY... HTTP 301
https://pages.getretain.com/Recover-More.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

97 %
HTTPS

56 %
IPv6

25
Domains

38
Subdomains

30
IPs

5
Countries

2820 kB
Transfer

5448 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/people/Get-Retain/100094895335871/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/truemlco/

Search URL Search Domain Scan URL

URL: https://getretain.com/privacy-policy/
Title: TrueML Product's privacy policy

Search URL Search Domain Scan URL

URL: https://getretain.com/
Title: Visit GetRetain.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8= Page URL
http://bit.ly/3YQ2qnZ?mkt_tok=MTM0LUZBVS0yMzIAAAGNx65chn0eOoISF674Ot_aU2bwdThja5AKRFQH8IDYb_wlupiIqScdY3_zlyO5jxe5TX5vUnGABBrt1qILBEX5G5VoYc3ayBsHaPja-u1f HTTP 301
https://pages.getretain.com/Recover-More.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://px.ads.linkedin.com/collect/?pid=2704196&fmt=gif HTTP 302
https://px.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D2704196%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQLIVasO8ZCiTAAAAYoo-1_CgntYKT2UYvzZlJ7qd_dFe4F07g9drs2jgXqP4cfobMo0bF_DOZ--

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2704196%26time%3D1692904676750%26url%3Dhttps%253A%252F%252Fpages.getretain.com%252FRecover-More.html%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true&e_ipv6=AQKwpLZBtzysygAAAYoo-2BZxems6kGUycXkCdS_LJ7mAPM9SHu2N0UERncpv9wn24LeprSCr-Er

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5KznZNvFK63G9u8Pg6CMSA&sscte=1&crd=&pscrd=EkpDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaU1BOGtJSHFnaDctYkRBOXAyMTBPSjdhdi1XQmk1Zk9GcnZkandyM19qTEhOX050QRpUQ2hBSThQLWJwd1lRdHVEQ2hNeXM4TTE5RWlzQXVOTXMtQlRxa2pKbDBoelREc0JLbENBR09jT3dGZHdYT3Bqb2RYYlJGeHJybVprdU5OQ1VkQWU2IhMI28eTr4H2gAMVLaP9Bx0DEAMJ HTTP 302
https://www.google.com/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaU1BOGtJSHFnaDctYkRBOXAyMTBPSjdhdi1XQmk1Zk9GcnZkandyM19qTEhOX050QRpUQ2hBSThQLWJwd1lRdHVEQ2hNeXM4TTE5RWlzQXVOTXMtQlRxa2pKbDBoelREc0JLbENBR09jT3dGZHdYT3Bqb2RYYlJGeHJybVprdU5OQ1VkQWU2IhMI28eTr4H2gAMVLaP9Bx0DEAMJ&is_vtc=1&ocp_id=5KznZNvFK63G9u8Pg6CMSA&cid=CAQSKQBpAlJW5TI4MEMM-nWWW8QN1ZbsQFhClRlSE0ixizGTijhNig8fAbeL&random=2613639402 HTTP 302
https://www.google.de/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaU1BOGtJSHFnaDctYkRBOXAyMTBPSjdhdi1XQmk1Zk9GcnZkandyM19qTEhOX050QRpUQ2hBSThQLWJwd1lRdHVEQ2hNeXM4TTE5RWlzQXVOTXMtQlRxa2pKbDBoelREc0JLbENBR09jT3dGZHdYT3Bqb2RYYlJGeHJybVprdU5OQ1VkQWU2IhMI28eTr4H2gAMVLaP9Bx0DEAMJ&is_vtc=1&ocp_id=5KznZNvFK63G9u8Pg6CMSA&cid=CAQSKQBpAlJW5TI4MEMM-nWWW8QN1ZbsQFhClRlSE0ixizGTijhNig8fAbeL&random=2613639402&ipr=y

141 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 302
Found MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=
email.click.getretain.com/ 507 B
1009 B 630ms
167ms Document
text/html 52.184.251.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

HTTP/1.1

Server

52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

adobe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-rJx92zd4YE1l/fIxwYpAbieRbnlrP7jDISuDB6b5Ie0=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
content-length: 507
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-rJx92zd4YE1l/fIxwYpAbieRbnlrP7jDISuDB6b5Ie0=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html;charset=UTF-8
date: Thu, 24 Aug 2023 19:17:54 GMT
referrer-policy: strict-origin
server: adobe
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 86cc3c4fe48f81e8

GET
H2

200

Primary Request Recover-More.html Show response
pages.getretain.com/
Redirect Chain

http://bit.ly/3YQ2qnZ?mkt_tok=MTM0LUZBVS0yMzIAAAGNx65chn0eOoISF674Ot_aU2bwdThja5AKRFQH8IDYb_wlupiIqScdY3_zlyO5jxe5TX5vUnGABBrt1qILBEX5G5VoYc3ayBsHaPja-u1f
https://pages.getretain.com/Recover-More.html

42 KB
11 KB

835ms
414ms

Document
text/html

104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.getretain.com/Recover-More.html

Requested by

Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852064e1ade8f2fd86d6f184c605c35292a813d5dfdac62a28409943673a6016

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: stale-while-revalidate=60, max-age=300, public
cf-cache-status: DYNAMIC
cf-ray: 7fbdf02c2b7b382e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 19:17:55 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-cache-status: EXPIRED
x-content-type-options: nosniff
x-mkto-nginx-cache: true

Redirect headers

Cache-Control: private, max-age=90
Content-Length: 132
Content-Security-Policy: referrer always;
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 19:17:54 GMT
Location: https://pages.getretain.com/Recover-More.html
Referrer-Policy: unsafe-url
Server: nginx
Via: 1.1 google

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 88ms
39ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.getretain.com/
Origin: https://pages.getretain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 4534
cdn-cachedat: 07/06/2023 22:31:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7b5cc7ce2ffb19fa47e1e56b2c8da326
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fbdf02f0ca41915-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1005 B 87ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:400,700|Lato:300,400,600,700

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df9ff0c8b785b523d8bd02ecc3b57b02119c52da84a6e73471fbf6cf5c6c1f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:17:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 19:17:55 GMT

GET
H2 200 eac3e0dbf0.js Show response
use.fontawesome.com/ 9 KB
4 KB 80ms
30ms Script
text/javascript 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/eac3e0dbf0.js
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7ef75f290069960361e2d7668bbd5e546823ba9db6ccc09da5de92de83bc86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KJV3NP2B83YK7SPY
age: 5447
alt-svc: h3=":443"; ma=86400
x-amz-id-2: P1qYAcQkPeis4pur24+pBwyC0RSuIqJ5mFiBsjuund+cEbV36XjChDrOcYNYq3HHgwkjjTv7W3Zw8Tt+vyun8ZgdwHoqydFc2OjsicgHr68=
last-modified: Thu, 01 Jul 2021 19:59:17 GMT
server: cloudflare
etag: W/"8ab30e1d12f78213e4d8f36645432992"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOpeTEPN2SOfLmWGHEaPAU5NNuJiTqvyADIckDUVC4BOQqGpxSugyDykyExtrK1uZJY0%2BbXu9lpMSk3ggFn4YwFdnE6XHFNbQtLJhhmwERtVww4JvGQCf2KgJuaLXQjV2CnQl%2BXiJBnJB0LKfyS1Li9o"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 7fbdf02f0d8e3641-FRA

GET
H2 200 simple-line-icons.min.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 11 KB
3 KB 77ms
29ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06723045419949302e1d4abe65cb4a535582e60d1a53645ab838b06079d98eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.getretain.com/
Origin: https://pages.getretain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5437343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2006
last-modified: Mon, 10 Aug 2020 15:57:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f316e72-2abf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYsnYRQ03c4429asFxL9stYgyRdeSQn4oyoy6sUiAgWfaxIfa2y9dXOJNjAcxT6OGtFEJaqQxwUu8Qd4GOynrXnGFi3jvNqmUV4VzNRpLRnXuAJWCBw62Ht4%2F6NQEcqniCCsU6kbsRvmT34vSByAe3T3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbdf02f0e0119b3-FRA
expires: Tue, 13 Aug 2024 19:17:55 GMT

GET
H/1.1 200
OK ie10-viewport-bug-workaround.js Show response
templates.marketo.net/template1/js/ 694 B
982 B 747ms
39ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.marketo.net/template1/js/ie10-viewport-bug-workaround.js
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 19:17:56 GMT
Last-Modified: Thu, 28 May 2015 00:15:45 GMT
Server: AkamaiNetStorage
ETag: "b5a0dd7ce1f7c1c6b80b5abe13308dd2:1432772145"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 694

GET
H2 200 retain-logo_lp.png
pages.trueaccord.com/rs/134-FAU-232/images/ 7 KB
8 KB 405ms
201ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/retain-logo_lp.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1f778683240e23c51fa92a1b26d4a5e325524c72d55dedceb3b2670f12f8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Aug 2023 14:46:17 GMT
server: cloudflare
etag: "58053e-1cf8-60219f593e0b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0336df1920b-FRA
content-length: 7416
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 forms2.min.js Show response
pages.getretain.com/js/forms2/js/ 208 KB
69 KB 41ms
40ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.getretain.com/js/forms2/js/forms2.min.js

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 4537
etag: "1e0b4e-34099-60062cdee3780"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7fbdf02f58b3382e-FRA
expires: Thu, 24 Aug 2023 23:17:55 GMT

GET
H2 200 Seth%20Peters.jpeg
pages.getretain.com/rs/134-FAU-232/images/ 70 KB
70 KB 208ms
207ms Image
image/jpeg 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.getretain.com/rs/134-FAU-232/images/Seth%20Peters.jpeg

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8747c8a898e0792da938242ef1d70462a7af4c48611aba939ca41b17bb9f3d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 17:40:15 GMT
server: cloudflare
etag: "2880952-11797-601f428090faa"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0336fdf382e-FRA
content-length: 71575
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 glenn%20walters.png
pages.getretain.com/rs/134-FAU-232/images/ 425 KB
426 KB 215ms
215ms Image
image/png 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.getretain.com/rs/134-FAU-232/images/glenn%20walters.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e1edec85ed09966b1c4542efa11797248b0985b5366d90aeb1892bf0272b01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 02 Aug 2023 17:40:15 GMT
server: cloudflare
etag: "2880951-6a5d4-601f4280903f2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0336fe3382e-FRA
content-length: 435668
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 78ms
24ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 07:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 07:28:22 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 31ms
29ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.getretain.com/
Origin: https://pages.getretain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 4533
cdn-cachedat: 11/15/2022 10:30:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 04bb652abaf66cf3e3edfadcac54653c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fbdf030bff81915-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK munchkin-beta.js Show response
munchkin.marketo.net// 1 KB
1 KB 133ms
38ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin-beta.js
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aaf173c00687da3d4328c0a1593d764175af1cb6708fa79ca5febcdc5f7de161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 19:17:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Feb 2023 02:35:29 GMT
Server: AkamaiNetStorage
ETag: "7ea9bdc17bda32d919638e9e573666e3:1675391729.535053"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 stripmkttok.js Show response
pages.getretain.com/js/ 2 KB
841 B 56ms
56ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.getretain.com/js/stripmkttok.js

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:23 GMT
server: cloudflare
age: 4534
etag: "2660d7d-602-60062cdfd79c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fbdf031cd3e382e-FRA
content-length: 678
expires: Thu, 24 Aug 2023 23:17:56 GMT

GET
H2 200 eac3e0dbf0.css
use.fontawesome.com/ 1 KB
760 B 29ms
28ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/eac3e0dbf0.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/eac3e0dbf0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f26aaa5bf5fb98df2ed17604ca1543f8049cadfdcabc207dded629ef494cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D5KGHD063534TR32
age: 5447
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5Ib9cNHWH4SDPdOxIUNY0nl0ZTTzp+avDaPaBhO0hV2bzRwA5eBL1whhXY1sRNdj9kMY31UXVU8=
last-modified: Thu, 01 Jul 2021 19:59:17 GMT
server: cloudflare
etag: W/"e03b07594e5708204c1945612437d54e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dAcCpwuYJX1ThsRgpuFum6X%2Btojp1waHp4dzeAmkbkIgqGlvAsDbE5zvLVVmVnCDGOZBr8oSBraRGOfu5HM5CJ8o9yvr8KC8EhoLtY7Mx5DLj22muHpQIzvkwbvdFMKS4%2BS%2BruXhqswgA0KI0KGnPpU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 7fbdf02f5e023641-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
90 KB 92ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b3a9b28dc6979ea5dd337ecd306773d39e51db27498ce0cda484b3e88a64948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91449
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:02:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 19:17:56 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 30ms
30ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/eac3e0dbf0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/eac3e0dbf0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0QHPNNV7SX3T19DE
age: 1898444
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CoMe04ILtaoTXdOMXkJEi15AhFfSutZooRZsH6QXwumQhNmZldTwXFqKQx0Qe3L0dX8kCpXO6rQ=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2al1er5gH4%2FcPUhxbPNWSyqx9%2BZHwWP9GCNxGk6toC1am9FDJ1p%2FD8Xw9BfXntp%2Bf4cl1MocDpSuPKhc0AImLahxXhBbXcOFZGPOxIye4%2FPz83FLXTSEEAVK8OYEQnbpF57NJ2m8i%2FF9cDls7lueH2q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7fbdf02f8e5a3641-FRA

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 81ms
30ms Font
application/font-woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/eac3e0dbf0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/eac3e0dbf0.css
Origin: https://pages.getretain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 377S6WTG89QWEEF5
age: 4552
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-amz-id-2: xv0JF0WbBQd4CmRX5sDK9hjJvvJxh18C+tK2gB6dpKM7K7N5EUlFiaxfynt5AhSnHkFJpP/xVd0=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNcBmnu4Ed1YWy2AdLyz%2Bs%2FJiAMbRlN2hSQV8FtefBZsDkDKWJv0dO7BuuxJsIq0yvbR%2FCfqsZtPwZbsBuQtreKdWNv0BDfUQpE0hzadP3zDhWiz9tCy5nYHFjlJnC3ttZE8F9ItX5RDe9dJcbDbAqcL"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fbdf0302fd53738-FRA

GET
H2 200 ico_facebook_lp_blue.png
pages.trueaccord.com/rs/134-FAU-232/images/ 2 KB
3 KB 218ms
217ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/ico_facebook_lp_blue.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedfdbcd00672a76f753e3c2dc50889cd0665d50937b968ef6aa9e56892a3cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Thu, 10 Aug 2023 08:38:19 GMT
server: cloudflare
etag: "58063b-98f-6028d84a0dca3"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0338e17920b-FRA
content-length: 2447
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 ico_linkedin_lp_blue.png
pages.trueaccord.com/rs/134-FAU-232/images/ 3 KB
3 KB 206ms
205ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/ico_linkedin_lp_blue.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

619c618b7a5b4f394e89ad689db09793fbc8b22ce98b635916e759afa6643587

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 04 Aug 2023 14:47:30 GMT
server: cloudflare
etag: "580571-c33-60219f9e519db"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0338e1a920b-FRA
content-length: 3123
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 landing_page_hero.png
pages.trueaccord.com/rs/134-FAU-232/images/ 833 KB
835 KB 225ms
225ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/landing_page_hero.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c1add67b5d47749d1e547ca89fc856c0cd29c3b1a53e83e8e41066b6f2bbbe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Aug 2023 00:59:24 GMT
server: cloudflare
etag: "58059a-d05b1-601fa4a9181f3"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0338e1d920b-FRA
content-length: 853425
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 ico_top_blue.png
pages.trueaccord.com/rs/134-FAU-232/images/ 3 KB
3 KB 207ms
206ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/ico_top_blue.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26849a012f1de601a07c60559bae2125b1e59ab6108725caa679e958ec4fe52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 04 Aug 2023 14:54:14 GMT
server: cloudflare
etag: "2880997-bfb-6021a11fc2165"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0338e1e920b-FRA
content-length: 3067
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 ico_bottom_01.png
pages.trueaccord.com/rs/134-FAU-232/images/ 3 KB
3 KB 201ms
201ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.trueaccord.com/rs/134-FAU-232/images/ico_bottom_01.png

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c01e302a9d9a512b08b9804c51a1d0deb703dfec70360ddf6fd29eb574bb542

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Jul 2023 11:15:00 GMT
server: cloudflare
etag: "580168-c43-601117e0a944a"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7fbdf0338e1f920b-FRA
content-length: 3139
expires: Thu, 24 Aug 2023 19:18:56 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:400,700|Lato:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.getretain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:28:11 GMT
x-content-type-options: nosniff
age: 146985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:28:11 GMT

GET
H2 200 getForm Show response
pages.getretain.com/index.php/form/ 9 KB
3 KB 751ms
751ms XHR
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.getretain.com/index.php/form/getForm?munchkinId=134-FAU-232&form=1436
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cab8fc6af9481033d3bfef8fa3ba90042d821eb3edc3441f4ad304b3e3b03d4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pages.getretain.com/Recover-More.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 139cf#18a28fb5cfe
x-marketo-source: Form Service
cf-ray: 7fbdf033983d382e-FRA
cached: false

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 45ms
45ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin-beta.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 19:17:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 02 Dec 2023 19:17:56 GMT

POST
H/1.1 200
OK visitWebPage
134-fau-232.mktoresp.com/webevents/ 2 B
318 B 1187ms
165ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://134-fau-232.mktoresp.com/webevents/visitWebPage?_mchNc=1692904676476&_mchCn=Recover-More&_mchId=134-FAU-232&_mchTk=_mch-getretain.com-1692904676475-65949&_mchWs=j1RR&_mchHo=pages.getretain.com&_mchPo=&_mchRu=%2FRecover-More.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Femail.click.getretain.com%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 19:17:57 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 5901824e-eb41-44dd-a271-4f7be9aaf141

GET
H2 200 6si.min.js Show response
j.6sc.co/ 48 KB
14 KB 442ms
41ms Script
application/javascript 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jul 2023 16:27:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64b9605e-bf6f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14190
expires: Thu, 24 Aug 2023 19:17:56 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 115ms
41ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=76958
accept-ranges: bytes
content-length: 4862

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 24 Aug 2023 19:49:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/ 3 KB
2 KB 120ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/?random=1692904676549&cv=11&fst=1692904676549&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&hn=www.googleadservices.com&frm=0&auid=9298714.1692904677&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a50a48223d0b9dd04fd0e093e5969192bc87f52914fcd8f6acf7cfc85e9f9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 39ms
38ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 19:17:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 9w4vzn46c2kn.js Show response
js.driftt.com/include/1692904800000/ 214 KB
60 KB 339ms
222ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1692904800000/9w4vzn46c2kn.js

Requested by

Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4906a6af959d89f594482bb8d02095fbee125bdef731f0b379d5ae5f47fde3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-amz-version-id: 2PF1Bcx5t0vgj2u18ljPPo.jTrznS2z4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Mon, 21 Aug 2023 19:32:55 GMT
server: istio-envoy
etag: W/"8d82060011d83f2dc04ccfe0e379c98a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RFcDJmJAevdIuTbMn3HjW_VIstDigT96pHRs9UWf8uspVVUIwTw5Cg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-984158236

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff33d195a5691d0b440cd90c5537de1109fa341c16600473f0457303b25f44e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71036
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:02:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 19:17:56 GMT

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 135ms
24ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 22 Sep 2022 17:10:43 GMT
x-amz-request-id: tx000000000000049c2bd9c-0064e60fd3-5155b967-sfo2a
etag: "9a8767fa98da937fb02cdbbc52a101bb"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1692904676.dop221.fr8.t,1692904676.cds150.fr8.hn,1692904676.cds270.fr8.c
content-type: application/x-javascript
cache-control: max-age=499056
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5776

GET
H2 200 site-insights.js Show response
cdn.metadata.io/ 3 KB
2 KB 205ms
14ms Script
application/javascript 2600:9000:25eb:9e00:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-insights.js

Requested by

Host: email.click.getretain.com
URL: http://email.click.getretain.com/MTM0LUZBVS0yMzIAAAGNx65chk1nUmzcRijTHheVZAP4vUE454SW0Bm_f2jTVi_7o963vcfV9muH2Wz2_dqARKAnmj8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25eb:9e00:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c70e11016c081695bdb4ffbabd5256305813baaf49f2fb9079ae3ddf1accc245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: V0nkAa1z_qFsvRg.lgOpxeXWtv46G9Ma
content-encoding: gzip
via: 1.1 6812ba1c26abf20c0ba6ea000d71fb52.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 07:12:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MXP53-P3
age: 52702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 16:53:20 GMT
server: AmazonS3
etag: W/"fe7d9a877e481321a707820d060478af"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: I17rm0AiHdw7jOHG29YjWYMIBOCENE27lbMb12Onm_V_vz5trr4a7g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KQVSNJQKHD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5KJNB2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4395f3552543f41051b3bc466d641d460c47d225505e3afd3483315579ca3d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86798
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 19:17:56 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=2704196&fmt=gif
https://px.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D2704196%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQLIVasO8ZCiTAAAAYoo-1_CgntYKT2UYvzZlJ7qd_dFe4F07g9drs2jgXqP4cfobMo0bF_DOZ--

43 B
351 B

277ms
212ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQLIVasO8ZCiTAAAAYoo-1_CgntYKT2UYvzZlJ7qd_dFe4F07g9drs2jgXqP4cfobMo0bF_DOZ--
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3C2EF89D27BB437CA41BDF0C2B8DF892 Ref B: DUS30EDGE0306 Ref C: 2023-08-24T19:17:57Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAYDsBXx9M7dZsMZMVbaNQ==

Redirect headers

date: Thu, 24 Aug 2023 19:17:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 817D83F46DFB4EA8B335D7425263E2EE Ref B: FRAEDGE1116 Ref C: 2023-08-24T19:17:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=2704196&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQLIVasO8ZCiTAAAAYoo-1_CgntYKT2UYvzZlJ7qd_dFe4F07g9drs2jgXqP4cfobMo0bF_DOZ--
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDsBXt7VS+3xQ12iFWzw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/ 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/?random=1692904676633&cv=11&fst=1692904676633&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&hn=www.googleadservices.com&frm=0&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-984158236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75b4c85ce535b241ea5fdcb29936bce606aefc1c1a9ee04bcd562ae8873ece74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/984158236/ 3 KB
2 KB 85ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/984158236/?random=1692904676649&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-984158236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b97bbc42267401c86a3218f62d4dacffd0d2da2a8f7a5a0706f7616bd2d6e79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 98ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KQVSNJQKHD&gtm=45je38n0&_p=1281535536&cid=1467547056.1692904677&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692904676&sct=1&seg=0&dl=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&dr=http%3A%2F%2Femail.click.getretain.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KQVSNJQKHD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.getretain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 50ms
27ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1281535536&t=pageview&_s=1&dl=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&dr=http%3A%2F%2Femail.click.getretain.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1861965919&gjid=1930225950&cid=1467547056.1692904677&tid=UA-38559990-1&_gid=471124650.1692904677&_r=1&_slc=1&gtm=45He38n0n81M5KJNB2&cd2=1692904676545.yga32v7r&cd3=2023-08-24T21%3A17%3A56.545%2B02%3A00&cd1=1467547056.1692904677&z=1031628384

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.getretain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.getretain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2704196/domain/pages.getretain.com/ 36 B
378 B 232ms
174ms XHR
application/json 2600:9000:2315:f200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2704196/domain/pages.getretain.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:f200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://pages.getretain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
content-encoding: gzip
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: p7n59Iw7nijAa7xnpuMpf1IJgv1aCXGZ4IPg6nwzWDC8jdtGbdHxMA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2704196%26time%3D1692904676750%26url%3Dhttps%253A%252F%252Fpages.getretain.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true&e_ipv6=AQKwpLZBtzysygAAAYoo-2BZ...

0
164 B

218ms
216ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true&e_ipv6=AQKwpLZBtzysygAAAYoo-2BZxems6kGUycXkCdS_LJ7mAPM9SHu2N0UERncpv9wn24LeprSCr-Er
Requested by: Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D91BD07BCBBA46EC9314E1D4FDCF3512 Ref B: DUS30EDGE0306 Ref C: 2023-08-24T19:17:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDsBXzaFLLIWbmrLBNCw==

Redirect headers

date: Thu, 24 Aug 2023 19:17:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FAC1432416FB4300BA2A88962F756D13 Ref B: FRAEDGE1116 Ref C: 2023-08-24T19:17:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2704196&time=1692904676750&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&cookiesTest=true&liSync=true&e_ipv6=AQKwpLZBtzysygAAAYoo-2BZxems6kGUycXkCdS_LJ7mAPM9SHu2N0UERncpv9wn24LeprSCr-Er
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDsBXwQgW7mB39XGxZQQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/984158236/ 42 B
108 B 91ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984158236/?random=1692904676549&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&frm=0&fmt=3&is_vtc=1&random=4152194629&rmt_tld=0&ipr=y

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/984158236/ 42 B
108 B 92ms
34ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984158236/?random=1692904676549&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&frm=0&fmt=3&is_vtc=1&random=4152194629&rmt_tld=1&ipr=y

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/984158236/ 42 B
455 B 88ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984158236/?random=1692904676633&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2781991116&rmt_tld=0&ipr=y

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/984158236/ 42 B
455 B 89ms
34ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984158236/?random=1692904676633&cv=11&fst=1692903600000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2781991116&rmt_tld=1&ipr=y

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/984158236/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages...
https://www.google.com/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FReco...
https://www.google.de/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecov...

42 B
108 B

36ms
36ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaU1BOGtJSHFnaDctYkRBOXAyMTBPSjdhdi1XQmk1Zk9GcnZkandyM19qTEhOX050QRpUQ2hBSThQLWJwd1lRdHVEQ2hNeXM4TTE5RWlzQXVOTXMtQlRxa2pKbDBoelREc0JLbENBR09jT3dGZHdYT3Bqb2RYYlJGeHJybVprdU5OQ1VkQWU2IhMI28eTr4H2gAMVLaP9Bx0DEAMJ&is_vtc=1&ocp_id=5KznZNvFK63G9u8Pg6CMSA&cid=CAQSKQBpAlJW5TI4MEMM-nWWW8QN1ZbsQFhClRlSE0ixizGTijhNig8fAbeL&random=2613639402&ipr=y

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/984158236/?random=890175895&cv=11&fst=1692904676649&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&ref=http%3A%2F%2Femail.click.getretain.com%2F&label=ld0vCMSOwMIDEJygpNUD&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=9298714.1692904677&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOFAtYnB3WVE4cnIxZ3FmRXI2OUhFaU1BOGtJSHFnaDctYkRBOXAyMTBPSjdhdi1XQmk1Zk9GcnZkandyM19qTEhOX050QRpUQ2hBSThQLWJwd1lRdHVEQ2hNeXM4TTE5RWlzQXVOTXMtQlRxa2pKbDBoelREc0JLbENBR09jT3dGZHdYT3Bqb2RYYlJGeHJybVprdU5OQ1VkQWU2IhMI28eTr4H2gAMVLaP9Bx0DEAMJ&is_vtc=1&ocp_id=5KznZNvFK63G9u8Pg6CMSA&cid=CAQSKQBpAlJW5TI4MEMM-nWWW8QN1ZbsQFhClRlSE0ixizGTijhNig8fAbeL&random=2613639402&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 traffic
insights.metadata.io/ Frame 0
0 752ms
192ms Preflight 44.239.250.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insights.metadata.io/traffic

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.250.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-250-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pages.getretain.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 24 Aug 2023 19:17:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 202 traffic
insights.metadata.io/ 0
0 193ms
192ms Fetch 44.239.250.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insights.metadata.io/traffic

Requested by

Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.250.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-250-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pages.getretain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0

GET
H2 204 cs
a.usbrowserspeed.com/ 0
0 793ms
236ms Fetch 52.26.188.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.usbrowserspeed.com/cs?pid=5de38576d91fe7ac65e01de48078379caf9e72e979b06a5762372b0c12e930ef&puid=llpjqgmb6253dcv5lls
Requested by: Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.188.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-188-232.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
server: awselb/2.0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 94ms
33ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38559990-1&cid=1467547056.1692904677&jid=1861965919&gjid=1930225950&_gid=471124650.1692904677&_u=YADAAEAAAAAAACAEK~&z=1180144311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.getretain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.getretain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 59ms
58ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38559990-1&cid=1467547056.1692904677&jid=1861965919&_u=YADAAEAAAAAAACAEK~&z=387826500

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
60ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38559990-1&cid=1467547056.1692904677&jid=1861965919&_u=YADAAEAAAAAAACAEK~&z=387826500

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 50ms
40ms XHR
text/html 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://pages.getretain.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
316 B 111ms
20ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9396a03f992569985b844f39a0e20187bd4f89bd03b35137050ba22c50798297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 19:17:57 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://pages.getretain.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692904677059_34901612_119866223_21_840_18_52_219";dur=1
content-length: 23
expires: Thu, 24 Aug 2023 19:17:57 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 414ms
396ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=3362919df467bdd9d8d1c2d103ed4be9&svisitor=null&visitor=07c01474-a5a1-40c8-84db-ce50c83af154&session=f187ea63-cd9f-40f8-8391-93ffe2bb3be8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2024%20Aug%202023%2019%3A17%3A57%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2019%3A17%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%223362919df467bdd9d8d1c2d103ed4be9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2019%3A17%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2019%3A17%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%22%7D&cb=&r=http%3A%2F%2Femail.click.getretain.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&pageViewId=1ce79229-fbe0-4216-8cce-210ebdc0278c&v=1.1.5

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 437ms
436ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=3362919df467bdd9d8d1c2d103ed4be9&svisitor=null&visitor=07c01474-a5a1-40c8-84db-ce50c83af154&session=f187ea63-cd9f-40f8-8391-93ffe2bb3be8&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A2%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%22%7D&cb=&r=http%3A%2F%2Femail.click.getretain.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html&pageViewId=1ce79229-fbe0-4216-8cce-210ebdc0278c&v=1.1.5

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/Recover-More.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 forms2.css
pages.getretain.com/js/forms2/css/ 13 KB
3 KB 53ms
52ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.getretain.com/js/forms2/css/forms2.css

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 4538
etag: "1e0b49-3437-60062cdee3780"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fbdf0385927382e-FRA
content-length: 2623
expires: Thu, 24 Aug 2023 23:17:57 GMT

GET
H2 200 forms2-theme-plain.css
pages.getretain.com/js/forms2/css/ 828 B
365 B 50ms
50ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.getretain.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: pages.getretain.com
URL: https://pages.getretain.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/Recover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 4487
etag: "1e0b48-33c-60062cdee3780"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fbdf038592b382e-FRA
content-length: 246
expires: Thu, 24 Aug 2023 23:17:57 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 9165 2 KB
1 KB 293ms
292ms Document
text/html 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1692904800000/9w4vzn46c2kn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.getretain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 19:17:58 GMT
etag: W/"7aa1fd7154d66cce48b5519438446858"
last-modified: Mon, 21 Aug 2023 19:32:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-id: i9tNL9gNsaRHmu5voBGOhdY7PfHiYKgwh2vguM-RlBBC_GN2gReL6Q==
x-amz-cf-pop: LHR61-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: wjyxT13_g6vJ9zXxMFNuYK9ENjLQXIyn
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H2 200 chat Show response
js.driftt.com/core/ Frame D4B7 2 KB
1 KB 124ms
123ms Document
text/html 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1692904800000/9w4vzn46c2kn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.getretain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 19:17:57 GMT
etag: W/"7aa1fd7154d66cce48b5519438446858"
last-modified: Mon, 21 Aug 2023 19:32:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-id: KCfIDwbyXwSBZZJ0knc2jVDSiVoD_1wol9tnCe31F6X3UDtDVxsf3g==
x-amz-cf-pop: LHR61-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: wjyxT13_g6vJ9zXxMFNuYK9ENjLQXIyn
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 runtime~main.a33c11b7.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 6 KB
3 KB 33ms
33ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: _V7xL2BqKI.FEUuI_wYuPAkfaYhpCJ_C
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 18 Aug 2023 19:22:24 GMT
server: istio-envoy
etag: W/"ddc8ca5b0563491dbf4c2c07057c251d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BXHdciRMiXQP_v-agaqOV01Ie4V6vfY-mL2DaVYbi6R8diOOXV44Sg==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 35 KB
13 KB 37ms
37ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: HqxDaow1dV3Itb7.Propn6venaXuigTH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8jTHsbL9YfpskklDjDB3WpbnvpL2zTOPrFtG1Lz6w9uQpi3oag44_A==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 7 KB
3 KB 39ms
38ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: 2zyEGUMzvveqkJzL6nFDTJ0WIZ_8_gTF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CuFggghlIbVMoC9PoWamZwDSgEOvRH-udoihEymFpDYofZIaEM9-ow==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 23 KB
8 KB 38ms
32ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: RF_MaikriQRKmDSerM_NjZ2DzJcatbFh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rlRg5q1yfILj8OyhxWQYzmDL6jZr5CwSNgDPMvKqVKS3orWx0vRLug==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 36 KB
10 KB 42ms
35ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: aTcWT0_oDatU0NplDaxtQooxX0aYXp9F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XbYjSOt23ygHy7UDpbZBs4fWUcs9rxbfXvZ9SZ7zJesi_-TCwje83w==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 32 KB
11 KB 45ms
38ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5eJc3i7YwgM8e1b0BX_0a1NINxNU6CGnckmhJmpTkG9avFHc47gcFA==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 17 KB
6 KB 46ms
40ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: JPXX6K0aplvUvqEZqtogwjQAu9YJDlhV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sSA3E-sugXzC0NjYUubbVJFCTbAQy4gaDbJWpB3VfPCGHUmTv7f3Rg==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 25 KB
8 KB 49ms
43ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: hi6ffj_OO_ksesF7y5NdJQbsQPrIqc4z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ky9zS68Dvc9Q-shs4dUhzEFr-neeswz3kM4c0Ib7jqCVjHJRo0qLww==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 74 KB
23 KB 54ms
48ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: lVlqh6MySKOTy_0md4AkHpR1m_bq1UyG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f0awAN9k4kMP8uxycfpKP1mswGpPghyS0j5vEBcPbmnwkc4kZkyUUw==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 66 KB
20 KB 64ms
58ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mMDTXlhly-9kp71S_-r0w-ksfV8VQEgN8wANZdYvwBZcUjTFhd47aw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 91 KB
28 KB 73ms
67ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: UVAGBQXFQT42zP9fzulQFRgNtxqcFzTQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0hhBzVCT-zdJCNIO-AjeZ6Iou2PhNIhaIGc7Ol6C8UvmFTrA5DZCLg==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 23 KB
24 KB 85ms
80ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:20:36 GMT
x-amz-version-id: XALwdHUjlDrXmfQxY7mECXEpA8db3neE
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C2
age: 23349441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
content-length: 23865
last-modified: Tue, 22 Nov 2022 15:49:57 GMT
server: istio-envoy
etag: "4049f38c00add1738dc4806148ff8829"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1ZlnjLQ7CWCFwfjD45havXzZ0OFixURrun0rT3vWvuhEAba-pSHyYA==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 62 KB
20 KB 91ms
85ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: fCU1rHK8PZHGjSHZj5aLYRigEERsAl0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P3o_BNC7qnWB17G1qoCqEVavvQwndBAkHlkoFKC6ygwzqY91X4qrsg==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 105 KB
34 KB 95ms
91ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: 2IhktUzWcqWESbfAlNnxZhdAxAltP0_K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dgUrQdGIdk6XtYAII7lRlOSd8_2i3eySs-1kPoi4RRocRX5kM8UsBg==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 12 KB
4 KB 100ms
96ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: oLks30VC7mucTd1YEdsltbefYUqYsOI0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9GwBoiTH6IosL-wC4HZAaW7yqr1VwMtD1BblsYeWyTeA_MaLCvzYBA==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 13 KB
6 KB 100ms
96ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: t01wUvQTWRlZK8JHMwJ4Y0OP7DeghICO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9pcw6HfPa1irEyqQ8EvSiP0BR6zz9X51PXN8cVu7UzS6P_Q5PmaKRg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 17 KB
7 KB 101ms
97ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: rITDjXEpthOTAiahCXONMRPruIsBsv5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 90iGNPKs0W-AVbtlRu-vtpMXQrIr-TnyvsffkuI-UtLroycOW4NS8A==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 31 KB
4 KB 85ms
82ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: Fcpb6tBZ3KvSa_7_hOfooAKnMbI61_qd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0ihAORa9ahjeM4qdby4MB-ZfvdBP2GENbw7dlSnWscr9pmCJFBB7cQ==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 81 KB
25 KB 101ms
98ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: eRH5kuv8l8xctz4FBjfFQ4rjDY366g9e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gittqa9bbDBvQaX0SfZzbT91VxW-YjaXllcMk56Q3bRIqRwj7DGVWw==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 24 B
698 B 86ms
83ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:19:50 GMT
x-amz-version-id: 9lTZnbrmDvZQQl7ijC3JNBzirLe.LP5M
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C2
age: 2559488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Tue, 25 Jul 2023 18:08:12 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o5YTEELnJSGXvgCABfUGQLlRqbovUYgSfUoHhpg8EVZGcqRAxkWiGg==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 91 KB
24 KB 104ms
101ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2334042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f9HgMseV2jkHMGmaIki2u0blPziqNhiWM_5JuqwM2b9J_bc7MVVD3g==

GET
H2 200 24.380267cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 50 KB
14 KB 106ms
104ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.380267cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: 8hWikhJQH5GfSgG2PvWZLnxoCVY3VOaQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"2b5e6260a27f45c0ebdabaab4c4ea3ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 73Maqfkv0zKYcL1hewo41UzJMhjOtCOMqnpZ9ia6KqC0HnBTAtadNg==

GET
H2 200 17.4cd64079.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 40 KB
13 KB 108ms
106ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4cd64079.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: pudlSGb3FDz6jiJXdGlm.W03Zp5sJ.NJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"69b954ce34c53a01750881fd21f7c5d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 74flBlD58IvWyjSCMQm_-SnuNgeaPpO_dfqqjzdsvVdxDBjNMLbX5g==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 291ms
290ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:58 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.a33c11b7.js Show response
js.driftt.com/core/assets/js/ Frame 9165 6 KB
3 KB 33ms
32ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: _V7xL2BqKI.FEUuI_wYuPAkfaYhpCJ_C
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 18 Aug 2023 19:22:24 GMT
server: istio-envoy
etag: W/"ddc8ca5b0563491dbf4c2c07057c251d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SWfkPiYoDybctq2v7guXhJTdUAB68-WM6BoLi06op8C6ibQmuVS5bg==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 35 KB
13 KB 34ms
33ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: HqxDaow1dV3Itb7.Propn6venaXuigTH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H7ybwOrJNFs3G9aFPczZYq5jkSmoGn0uC9kiRXHlFNuv72tQgho8uw==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 7 KB
3 KB 34ms
34ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: 2zyEGUMzvveqkJzL6nFDTJ0WIZ_8_gTF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AuAMUusS9EsNZAMTBg05U_P9jv5hqlVe7Og2fcjLNBDiBUgWtFjA-Q==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 3 KB
1 KB 38ms
32ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: 1Fvw.FePqdHMTWAULWhHtYDtzjDh8y58
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7fyRUV62114hGd2QSQPY5Nez_a17qLBjdH_IGID54qsj-oDG9TTEZw==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 3 KB
2 KB 39ms
33ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: vQCHav8VOw4GjFcv4u5ld5OLsSZTomvo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 59
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M9-dQM_9qjwBlrHc_TM_lCznPOQeph740TNd10DrEVL-WvfhZIE_zg==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 23 KB
8 KB 40ms
37ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: RF_MaikriQRKmDSerM_NjZ2DzJcatbFh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YvQJSfx8zFNXNB6ExIUpAN_L8sHwx4NNxqmu93BFkWW3J56pIeHs1g==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 36 KB
10 KB 41ms
37ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: aTcWT0_oDatU0NplDaxtQooxX0aYXp9F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNmjSI3C7qIlVW-rxwaIQ1wEUP05L5zDTMqhq94gZOb1n0_J936P2w==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 32 KB
11 KB 41ms
37ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0GHlhueOX9x6jA_nFlOdtgzYofvX_hK0zYt6WZOXuT_AHzP9MU5XAg==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 17 KB
6 KB 42ms
38ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: JPXX6K0aplvUvqEZqtogwjQAu9YJDlhV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NNeTMTMqpQf2fv4swM54Itc4sPDWxn5YzGOIT7XApim6jpFxYcEs8A==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 25 KB
8 KB 42ms
38ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: hi6ffj_OO_ksesF7y5NdJQbsQPrIqc4z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5iflAdC4_cb8fdW52FLVF-9BUpRELwxEf_1z3O1RXn735u2HDw7a5Q==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 74 KB
23 KB 43ms
39ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: lVlqh6MySKOTy_0md4AkHpR1m_bq1UyG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Slt3n7bb3lRKYYsYCzgAF40libtXYfnEg3AcNcAS6y-WNm-w87Cjxw==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 66 KB
20 KB 44ms
40ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eQJWo40rM0pTtiCrdwec3kyEuGy2jzfoMNxpUCbe0d8kDB8eKfsctg==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 91 KB
28 KB 46ms
42ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: UVAGBQXFQT42zP9fzulQFRgNtxqcFzTQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fz6fyh-omBZBj9KIFK5xPyQyPoSzep1N0MulaBNi6-Ajj-6oPc7IOA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 23 KB
24 KB 47ms
43ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:20:36 GMT
x-amz-version-id: XALwdHUjlDrXmfQxY7mECXEpA8db3neE
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C2
age: 23349442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
content-length: 23865
last-modified: Tue, 22 Nov 2022 15:49:57 GMT
server: istio-envoy
etag: "4049f38c00add1738dc4806148ff8829"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7oo9UPP2ZZ5XCIrU9W81xjRSoyv4ukhSPwxHC-zX1USkTn58biRlDg==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 62 KB
20 KB 49ms
46ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: fCU1rHK8PZHGjSHZj5aLYRigEERsAl0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P2h2rtWq0i9JO4klydzc3cCQtfnTUvn4BWk54uitVF1qffuW4DdYUA==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 105 KB
34 KB 51ms
48ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: 2IhktUzWcqWESbfAlNnxZhdAxAltP0_K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QbbNXNb-H2dJTIAlomNqInnaG6aIqemewvq80ea4OAmHeR_h2NuXoQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 12 KB
4 KB 90ms
87ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: oLks30VC7mucTd1YEdsltbefYUqYsOI0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mpmIQlKPTs77eu-jj8SODSS7awaKWcRuJ80087rkVdcuenpYkXZ45g==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 13 KB
6 KB 90ms
87ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: t01wUvQTWRlZK8JHMwJ4Y0OP7DeghICO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iT68_j8bMbQTZdQKvNzFikOyx5ODNdoWRm_2SGFSfBOCFEA-EtZWqQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 17 KB
7 KB 91ms
88ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: rITDjXEpthOTAiahCXONMRPruIsBsv5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sWeiig3GLw7uCJEC4XP5B-mz4CDZW-Xa0aWCZhUTeIKf4BmNo9Lnhw==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 9165 31 KB
4 KB 43ms
40ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:33 GMT
x-amz-version-id: Fcpb6tBZ3KvSa_7_hOfooAKnMbI61_qd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3MxjDDWXmLUmSkRbgvb7REe0Xkb6YBlCG7HnLKY7WsqtsRAN6vM3dg==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 81 KB
25 KB 91ms
89ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:34 GMT
x-amz-version-id: eRH5kuv8l8xctz4FBjfFQ4rjDY366g9e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4P16azOMucSBIcwIlp3a4dh38tMQkaPLNdjPjEiYrZQByAMmOgA4yA==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 9165 24 B
698 B 43ms
41ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:19:50 GMT
x-amz-version-id: 9lTZnbrmDvZQQl7ijC3JNBzirLe.LP5M
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C2
age: 2559488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Tue, 25 Jul 2023 18:08:12 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1UcnFJFtfUCU7sQRIkDNgf1EDk4mUNvZx6idkIWIzI6NQ4zrfD1nkw==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 91 KB
24 KB 92ms
91ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2334042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rhzllx88xhOUrYFXHMGi7_65XF24qHuSGCd6WaavfLm88ldext4DeA==

GET
H2 200 24.380267cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 50 KB
14 KB 93ms
91ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.380267cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: 8hWikhJQH5GfSgG2PvWZLnxoCVY3VOaQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"2b5e6260a27f45c0ebdabaab4c4ea3ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yNDs1VqSDNcsyrLMFRpGqwaMr2rPrkf5PRZ1na2fdh62o8NWD_lQtQ==

GET
H2 200 17.4cd64079.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 40 KB
13 KB 95ms
93ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4cd64079.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: pudlSGb3FDz6jiJXdGlm.W03Zp5sJ.NJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 258331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"69b954ce34c53a01750881fd21f7c5d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _AnrkvdkbZV-7sOvcEN4MIHFr6W8hAcML_GdGhxea_ersgSZHk8MZg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 9 KB
3 KB 69ms
67ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:09:30 GMT
x-amz-version-id: v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 3362908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 12 Jul 2023 14:36:15 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xxfkbofhfkX0ScWQ6u_BNac-vx7DOTnarCBrzD2I1ZDggjZpFDXbrw==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 7 KB
2 KB 69ms
68ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:19:50 GMT
x-amz-version-id: j5T3mLpRDdyadQIG3vqJufmnbFM2PGXJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2559488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
last-modified: Tue, 25 Jul 2023 18:08:12 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BmrK77dSCSo7O2GJHttEdqHpuY8cDlQbIQzcDkE3cdGv2I1rQ8QBwA==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 54 KB
15 KB 70ms
69ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 05:45:58 GMT
x-amz-version-id: Sdaq6z0Yr.kcc8_RD2rWLZ3gFSJAWGwC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2727120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 21 Jul 2023 20:53:08 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1HHp7vAJ0X-CVQaqeABwO9aJK4g4QeULV81Se_RjnO9GGELjkPmZSw==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 44 KB
7 KB 69ms
68ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: eSNvdp0yfhg_hVHGVV1T0Cg9aS8M1FwM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nsdmTcqqZC_zEHF8aiwMj1FiDeZWASQkLk_KMPvs6_kxkYi8Xve9cg==

GET
H2 200 1.be8346b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 54 KB
18 KB 70ms
69ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.be8346b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: Qzn498zebCoTnQo6nXMgO_6Igex61YXE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 28 Jul 2023 18:55:09 GMT
server: istio-envoy
etag: W/"c2bd45f4e9f02db923342d39137bf141"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HX3JTdU5SQQUYSf2dBWc_B08WRmLg0JpSHsL6SZmLpUP2lO-sSV5GQ==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 23 KB
10 KB 71ms
70ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: fiMx4UIkfVk77__EbNZTeEpbb3IBbbkv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NxRRwMWIDMeBY6UbLMPcUBPuba-0K8bImKOO3uRpI--vM_BQR0sKDQ==

GET
H2 200 34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame D4B7 16 KB
3 KB 71ms
70ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: ezJ.dgXhzGsMycvT5B06QwQedwHaDcfp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"95b017fb41a8751bd7175f8a73f035f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hN29LvJE7Ga8_hW8Y-Sa2yuojRimyrN3Z19M_FlH03-6usSw89zXuQ==

GET
H2 200 34.26535e57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 12 KB
5 KB 71ms
71ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.26535e57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: zimEW5MMc4dniZpXAOMuEdtXaNnspzUJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"d1f726d8d49e4c3e218775f6ce78039f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QIVlcYaG7g8bqyADelZPXE5KUt6pRuEBx7EmnEC_Vg0jBviR-1f8dw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 9 KB
3 KB 33ms
32ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:09:30 GMT
x-amz-version-id: v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 3362908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 12 Jul 2023 14:36:15 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TOFfoDWfCkG1x3NArvz_1eTcJAnbhdglq5l5bW2BJB5LMDB90ETg7A==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 35 KB
10 KB 35ms
34ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: OXjExC.ckA2XwHUeJAPG83.FoBV0ywfe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q1tqXBTT2PFqTq-lC1HnEQVh-eoDG0mJkcKkFgUeeoVrx3KUMUB6bg==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 9165 8 KB
2 KB 34ms
33ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:43:19 GMT
x-amz-version-id: GQmEAoP.TkxyVgpTJcAqGECdex7HVNwB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2064879
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 48fWPUrAfndbmYIcBhO6osgrz7sW3FO_PPYxZoJxPe6PYwvexHIloA==

GET
H2 200 28.bdd92ff2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 14 KB
6 KB 37ms
36ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: FvCtLBM3Ax0E94dTAA_8PRI1sla9ZXxV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"260fbabe310bd2cae5c44538f3d833ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 54gKDJ0gRz4Y5xxFA--HbgnZuxP4tSZde9zqWVQtslqdJgKmuATm3Q==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 9165 365 B
1 KB 36ms
36ms Stylesheet
text/css 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: 5DQ4Mwsls0UxlvRZ7TBfRzIOY72Sp6Zp
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 80
content-length: 365
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 539HXmgqTvTNS7OPIWwyJkXpJARZYO4pyfSvgVk_4sACXHVcPqLR1A==

GET
H2 200 25.a9a52994.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 91 KB
25 KB 37ms
37ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:38 GMT
x-amz-version-id: L5..MrtNO7ybVFV0reRSWeqmwPPKqXTt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 155
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"34109a0bf2906f78b21b4a9f5fa4ab8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Yw_-B7TjWrxLhBbDnciPyi7sBhye-FD56QTAqViV3Aou8WR7BJ8lIA==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 9165 147 B
588 B 453ms
118ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ba58e1b3e5cacd48e47b7b67d92e36dde9fcca83266f0f86aefeff395d27c108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 19:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: bac447eb3f9f1e98
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 9165 25 B
89 B 154ms
124ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 19:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: c7dbf1658386002a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 9165 7 KB
3 KB 397ms
396ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ce9706fee43dfe92b1adc52ada96d5b2a2d97df3f01deb51f08e639ebf866cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 19:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: da3136c7a0a6ab94
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 283
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 3258

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 361ms
361ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:17:59 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame 9165 577 B
637 B 116ms
115ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

2228184f7362baaa7926003b5e087bd34d294804efc745dea690e12a2be0e331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTI0MjQ1MjY0MSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMDI1MTciLCJleHAiOjE3MjQ1MjcwNzksImlhdCI6MTY5MjkwNDY3OX0.0_RFLZTh6EWU1IA_iScMNfcA-zdLvE5Dz3u6xEKDmU38Ohye7llIV1Qu51FHleSOjNcNi1ENOHVyDUMxbqXPSg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Aug 2023 19:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 8fb5d93e7caecb12
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 577

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 141ms
113ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 24 Aug 2023 19:17:59 GMT
requestid: drift700ac6d4302a4e1e4b42d6b395f
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9165 19 KB
7 KB 33ms
32ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=9w4vzn46c2kn&eId=9w4vzn46c2kn&region=US&forceShow=false&skipCampaigns=false&sessionId=1a1a5f83-b11c-45a2-a2f8-8062fd9163c4&sessionStarted=1692904677.792&campaignRefreshToken=62552d67-cbf5-4b5b-a12d-36fb7b855b76&hideController=false&pageLoadStartTime=1692904675629&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fpages.getretain.com%2FRecover-More.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:39 GMT
x-amz-version-id: DEqn5K1lGF6whqBRMQ8nMCREXqgBelC7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZotwYO161WuMEDlQoSzjuFXgyRlSjjI15hSzcVgGGKkRq8Wgofs6pg==

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D4B7 19 KB
7 KB 32ms
32ms Script
application/javascript 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1692904675629
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:28:39 GMT
x-amz-version-id: DEqn5K1lGF6whqBRMQ8nMCREXqgBelC7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2065760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9Fvub8kfzcNKExVjTTCYs9SGYvtKqiuEqdICV4tRvTYz5O9vDkxGwg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 9165 38 KB
39 KB 33ms
33ms Font
font/woff2 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:22:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2559301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BWpRiMa14qbATreWpEWIpuaVjFUJWCaNMfliMGfAI5nJyshoGtDKOA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame D4B7 38 KB
39 KB 33ms
32ms Font
font/woff2 13.224.222.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.222.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-222-23.lhr61.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:22:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 2559301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jHMe-s3I_jwLshMSIzYvwxoz2yApW6DKIV6tn2iSi0LXvBKi1rEUIQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 261ms
260ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:18:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 279ms
278ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:18:01 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 9165 25 B
112 B 128ms
128ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 19:18:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: ba9252329ee27785
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 319ms
319ms Image
image/gif 95.100.146.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.146.27 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-146-27.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.getretain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:18:02 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 18:34:16	Name: _bit Value: n7ojhS-c0bc1f4764cd7f20dc-00H
.pages.getretain.com/	1970-01-20 14:15:06	Name: __cf_bm Value: qQ6bKlpINEYM5nQ.mdT3Qm3SGT8cfJfs0S3HmbRy8cw-1692904675-0-AT++XjFKHJ/c5Bq1rfZ9gwC6myduGSzBsnuQMj5lEFha9wgffUDHXg/qo7s8shYb7vCbhtMhbOwSTrI662+7rGY=
.getretain.com/	1970-01-20 23:51:04	Name: _mkto_trk Value: id:134-FAU-232&token:_mch-getretain.com-1692904676475-65949
.getretain.com/	1970-01-20 16:24:40	Name: _gcl_au Value: 1.1.9298714.1692904677
.pages.trueaccord.com/	1970-01-20 14:15:06	Name: __cf_bm Value: bE9XAUMDN7y8B5ykf0wyJP3GXwaNbpxXOh.9g.3Lgzg-1692904676-0-AeKdypfL8FYcupSX9wDWxHDIhS60w3stUvyfCdDtyNWt1mMHR0TIBcu3sPeuVUfis7tYJ8dA2KfTsfBH2sAphkE=
.getretain.com/	1970-01-20 23:51:04	Name: _ga_KQVSNJQKHD Value: GS1.1.1692904676.1.0.1692904676.0.0.0
.getretain.com/	1970-01-20 23:51:04	Name: _ga Value: GA1.2.1467547056.1692904677
.getretain.com/	1970-01-20 14:16:31	Name: _gid Value: GA1.2.471124650.1692904677
.getretain.com/	1970-01-20 14:15:04	Name: _gat_UA-38559990-1 Value: 1
pages.getretain.com/	1970-01-20 23:00:40	Name: Metadata_visitor_id Value: llpjqgmb6253dcv5lls
pages.getretain.com/	1970-01-20 14:15:06	Name: Metadata_session_id Value: llpjqgmbkdz66wxvt5b
.linkedin.com/	1970-01-20 14:16:31	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2577:u=1:x=1:i=1692904676:t=1692991076:v=2:sig=AQHRHmv6iju24pqU4ISqjPS4DgFduQnR"
.doubleclick.net/	1970-01-20 23:36:40	Name: IDE Value: AHWqTUnc4SIH9gvWnE-A1gpq6RTZYfDi2UCc0qU66NEAlyR8JdrFEkoK9NmHMfdj
pages.getretain.com/	1970-01-20 14:16:31	Name: ln_or Value: eyIyNzA0MTk2IjoiZCJ9
pages.getretain.com/	1970-01-20 23:51:04	Name: _gd_visitor Value: 07c01474-a5a1-40c8-84db-ce50c83af154
pages.getretain.com/	1970-01-20 14:15:19	Name: _gd_session Value: f187ea63-cd9f-40f8-8391-93ffe2bb3be8
.linkedin.com/	1970-01-20 16:24:40	Name: li_sugr Value: 1106a755-94f2-4b35-80e8-bcb2612f15a8
.linkedin.com/	1970-01-20 14:58:16	Name: UserMatchHistory Value: AQKnnKLg3HChWQAAAYoo-17B_1OGu8TQbA4iTll88jAF4nTf253k1Y3kCX3A7Hl1PVP7_eRLMsUhjA
.linkedin.com/	1970-01-20 14:58:16	Name: AnalyticsSyncHistory Value: AQLnGO6GL2PVXQAAAYoo-17BOFscQPPZ7mgaGQjKOGyxbX0esIWgx5UxGTsaCbB51xo76mUyeGh7DYgojIkk4A
.linkedin.com/	1970-01-20 23:00:40	Name: bcookie Value: "v=2&04723c4a-3b62-4ca3-8ca1-5b2a80e08fc5"
pages.getretain.com/	1969-12-31 23:59:59	Name: BIGipServersj13web-nginx-app_https Value: !j6up6PK36uniy8PMZROflEEG2tCiksiI/qd5AMHpxWBoYapkioBeXE86pkEgs3/CtpdbX48jR7nFocc=
.www.linkedin.com/	1970-01-20 23:00:40	Name: bscookie Value: "v=1&2023082419175741795c73-fbcc-4254-8d40-1b0e04e4bf8eAQFdI1Gub2-VwF6hodw8xSF6NdiZBo9h"
.linkedin.com/	1970-01-20 18:34:16	Name: li_gc Value: MTswOzE2OTI5MDQ2Nzc7MjswMjEQ2RUHYpoRl90Yr9IKCOogvTn+ClyMDGD+AIOPtfkkuQ==
.a.usbrowserspeed.com/	1970-01-20 23:00:40	Name: tuid Value: b625ea4a-2c70-49d1-ba6a-eaec4321f8e5
.6sc.co/	1970-01-20 23:51:04	Name: 6suuid Value: 1792645fe9f92900e5ace764030200002c7b4700
pages.getretain.com/	1970-01-20 14:15:06	Name: drift_campaign_refresh Value: 62552d67-cbf5-4b5b-a12d-36fb7b855b76
pages.getretain.com/	1970-01-20 23:51:04	Name: drift_aid Value: 39c1c534-e010-473a-8dbe-2e90eb30f26e
pages.getretain.com/	1970-01-20 23:51:04	Name: driftt_aid Value: 39c1c534-e010-473a-8dbe-2e90eb30f26e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-rJx92zd4YE1l/fIxwYpAbieRbnlrP7jDISuDB6b5Ie0=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

134-fau-232.mktoresp.com
a.usbrowserspeed.com
ajax.googleapis.com
b.6sc.co
bit.ly
bootstrap.api.drift.com
c.6sc.co
cdn.linkedin.oribi.io
cdn.metadata.io
cdnjs.cloudflare.com
email.click.getretain.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insights.metadata.io
ipv6.6sc.co
j.6sc.co
js.driftt.com
maxcdn.bootstrapcdn.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
pages.getretain.com
pages.trueaccord.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
templates.marketo.net
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.102.38.132
104.16.94.80
104.17.74.206
13.107.42.14
13.224.222.23
142.250.185.130
192.28.147.68
2001:4860:4802:34::36
205.185.216.42
2600:9000:2315:f200:2:53b2:240:93a1
2600:9000:25eb:9e00:9:d7d4:1380:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700:e0::ac40:660b
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9b
2a02:26f0:480:f::213:7edd
2a02:26f0:ab00::214:8e70
44.239.250.189
52.184.251.130
52.26.188.232
54.147.21.139
67.199.248.10
95.100.146.27
053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d
06723045419949302e1d4abe65cb4a535582e60d1a53645ab838b06079d98eb0
0c01e302a9d9a512b08b9804c51a1d0deb703dfec70360ddf6fd29eb574bb542
0c1add67b5d47749d1e547ca89fc856c0cd29c3b1a53e83e8e41066b6f2bbbe2
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25
14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1a50a48223d0b9dd04fd0e093e5969192bc87f52914fcd8f6acf7cfc85e9f9b1
2228184f7362baaa7926003b5e087bd34d294804efc745dea690e12a2be0e331
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
2e1edec85ed09966b1c4542efa11797248b0985b5366d90aeb1892bf0272b01f
4395f3552543f41051b3bc466d641d460c47d225505e3afd3483315579ca3d28
46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4906a6af959d89f594482bb8d02095fbee125bdef731f0b379d5ae5f47fde3a0
4cab8fc6af9481033d3bfef8fa3ba90042d821eb3edc3441f4ad304b3e3b03d4
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
619c618b7a5b4f394e89ad689db09793fbc8b22ce98b635916e759afa6643587
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
75b4c85ce535b241ea5fdcb29936bce606aefc1c1a9ee04bcd562ae8873ece74
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852064e1ade8f2fd86d6f184c605c35292a813d5dfdac62a28409943673a6016
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8747c8a898e0792da938242ef1d70462a7af4c48611aba939ca41b17bb9f3d3c
8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
9396a03f992569985b844f39a0e20187bd4f89bd03b35137050ba22c50798297
97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7
9b3a9b28dc6979ea5dd337ecd306773d39e51db27498ce0cda484b3e88a64948
aaf173c00687da3d4328c0a1593d764175af1cb6708fa79ca5febcdc5f7de161
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
ae7ef75f290069960361e2d7668bbd5e546823ba9db6ccc09da5de92de83bc86
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b97bbc42267401c86a3218f62d4dacffd0d2da2a8f7a5a0706f7616bd2d6e79c
ba58e1b3e5cacd48e47b7b67d92e36dde9fcca83266f0f86aefeff395d27c108
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bedfdbcd00672a76f753e3c2dc50889cd0665d50937b968ef6aa9e56892a3cfd
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3
c70e11016c081695bdb4ffbabd5256305813baaf49f2fb9079ae3ddf1accc245
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
ce9706fee43dfe92b1adc52ada96d5b2a2d97df3f01deb51f08e639ebf866cdb
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3
d26849a012f1de601a07c60559bae2125b1e59ab6108725caa679e958ec4fe52
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9ff0c8b785b523d8bd02ecc3b57b02119c52da84a6e73471fbf6cf5c6c1f61
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e5f26aaa5bf5fb98df2ed17604ca1543f8049cadfdcabc207dded629ef494cc7
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe1f778683240e23c51fa92a1b26d4a5e325524c72d55dedceb3b2670f12f8d4
ff33d195a5691d0b440cd90c5537de1109fa341c16600473f0457303b25f44e1

pages.getretain.com Open in urlscan Pro 104.16.94.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

97 %HTTPS

56 %IPv6

25 Domains

38 Subdomains

30 IPs

5 Countries

2820 kBTransfer

5448 kBSize

28 Cookies

4 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.getretain.com Open in urlscan Pro
104.16.94.80 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

97 %
HTTPS

56 %
IPv6

25
Domains

38
Subdomains

30
IPs

5
Countries

2820 kB
Transfer

5448 kB
Size

28
Cookies

141 HTTP transactions
0 data transactions