www.checkpoint.com Open in urlscan Pro
2a02:26f0:3500:581::38f0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=
Effective URL:
https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaT...
Submission Tags: falconsandbox
Submission: On May 25 via api (May 25th 2022, 6:02:48 pm UTC) from US — Scanned from DE

Summary HTTP 215 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 50 domains to perform 215 HTTP transactions. The main IP is 2a02:26f0:3500:581::38f0, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.checkpoint.com. The Cisco Umbrella rank of the primary domain is 187729.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 6th 2022. Valid for: a year.

This is the only time www.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 57	2a02:26f0:350... 2a02:26f0:3500:581::38f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.201.125.192 35.201.125.192	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.5.192 35.190.5.192	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
10	104.92.74.202 104.92.74.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	34.111.78.58 34.111.78.58	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 5	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:350... 2a02:26f0:3500:695::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e019	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	104.92.72.193 104.92.72.193	16625 (AKAMAI-AS) (AKAMAI-AS)
5	104.92.90.132 104.92.90.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.57.195.65 52.57.195.65	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.12 18.66.248.12	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	192.28.144.84 192.28.144.84	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	54.157.244.245 54.157.244.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.251.15.4 3.251.15.4	16509 (AMAZON-02) (AMAZON-02)
1	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2.18.232.170 2.18.232.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:8a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	54.77.142.93 54.77.142.93	16509 (AMAZON-02) (AMAZON-02)
1	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.198.74.136 18.198.74.136	16509 (AMAZON-02) (AMAZON-02)
1 2	54.155.185.156 54.155.185.156	16509 (AMAZON-02) (AMAZON-02)
2 2	52.2.34.196 52.2.34.196	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	35.169.111.138 35.169.111.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4200:ada2:2974:cd33:9395	14618 (AMAZON-AES) (AMAZON-AES)
1 1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
64	143.204.215.12 143.204.215.12	() ()
4	54.147.21.139 54.147.21.139	() ()
215	61

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

click.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2a02:26f0:3500:581::38f0 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.125.201.35.bc.googleusercontent.com

marvel-b2-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com

cdn.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.92.74.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-202.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.78.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.78.111.34.bc.googleusercontent.com

a1.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:695::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e019 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.92.90.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-90-132.deploy.static.akamaitechnologies.com

abrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.195.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-195-65.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-12.dus51.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.28.144.84 (United States)

ASN15224 (OMNITURE, US)

abrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.157.244.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-244-245.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

750-dqh-528.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.15.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-170.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:8a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.142.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-93.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.74.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-74-136.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.185.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.34.196 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-34-196.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.111.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-111-138.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:ada2:2974:cd33:9395 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.215.12 (None, )

ASN- ()

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.21.139 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com	754 KB
58	checkpoint.com 2 redirects click.checkpoint.com — Cisco Umbrella Rank: 753174 www.checkpoint.com — Cisco Umbrella Rank: 187729	1 MB
11	marketo.com abrtp1-cdn.marketo.com — Cisco Umbrella Rank: 34727 rtp-static.marketo.com — Cisco Umbrella Rank: 17759 abrtp1.marketo.com — Cisco Umbrella Rank: 42830	124 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 7782 c.6sc.co — Cisco Umbrella Rank: 11738 ipv6.6sc.co — Cisco Umbrella Rank: 15956 b.6sc.co — Cisco Umbrella Rank: 5389	17 KB
10	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4508 gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669 sslwidget.criteo.com — Cisco Umbrella Rank: 1705 widget.us.criteo.com — Cisco Umbrella Rank: 18771 dis.criteo.com — Cisco Umbrella Rank: 725	20 KB
8	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 82424 trackingapi.trendemon.com — Cisco Umbrella Rank: 30281	50 KB
8	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240	8 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	367 B
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1156 sp.analytics.yahoo.com — Cisco Umbrella Rank: 849 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	4 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 525 i6.liadm.com — Cisco Umbrella Rank: 1678	1 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675 cdn.stickyadstv.com — Cisco Umbrella Rank: 2389	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	853 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1551	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 330	629 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	500 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 12992	408 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3700	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	b0e8.com cdn.b0e8.com — Cisco Umbrella Rank: 10571 a1.b0e8.com — Cisco Umbrella Rank: 10971	22 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1364	84 KB
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2097	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1181	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 634	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1259	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1779	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1872	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 741	238 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	785 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 414	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	585 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1413	427 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 782	476 B
1	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3513	234 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1869	232 B
1	mktoresp.com 750-dqh-528.mktoresp.com — Cisco Umbrella Rank: 752253	311 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
1	t.co t.co — Cisco Umbrella Rank: 495	336 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 534	355 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 638	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5483	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	76 KB
1	bc0a.com marvel-b2-cdn.bc0a.com — Cisco Umbrella Rank: 20106	4 KB
215	50

	Domain	Requested by
64	js.driftt.com	click.checkpoint.com js.driftt.com
57	www.checkpoint.com	2 redirects click.checkpoint.com www.checkpoint.com
8	b.6sc.co
6	trackingapi.trendemon.com	assets.trendemon.com
6	abrtp1.marketo.com	abrtp1-cdn.marketo.com rtp-static.marketo.com
5	secure.adnxs.com	3 redirects j.6sc.co
4	rtp-static.marketo.com	abrtp1-cdn.marketo.com
3	ib.adnxs.com	3 redirects
3	dis.criteo.com
3	gum.criteo.com	2 redirects static.criteo.net
2	bootstrap.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	cm.g.doubleclick.net	2 redirects
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	assets.trendemon.com	click.checkpoint.com assets.trendemon.com
2	epsilon.6sense.com	j.6sc.co
2	connect.facebook.net	click.checkpoint.com connect.facebook.net
2	munchkin.marketo.net	click.checkpoint.com munchkin.marketo.net
2	www.google-analytics.com	www.googletagmanager.com www.checkpoint.com
2	www.googleoptimize.com	www.checkpoint.com www.googletagmanager.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	c.aaxads.com
1	partner.mediawallahscript.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	750-dqh-528.mktoresp.com	munchkin.marketo.net
1	static.criteo.net	dynamic.criteo.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	t.co
1	analytics.twitter.com
1	dynamic.criteo.com	www.googletagmanager.com
1	abrtp1-cdn.marketo.com	click.checkpoint.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	www.google.de	www.checkpoint.com
1	www.google.com	www.checkpoint.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a1.b0e8.com	www.checkpoint.com
1	j.6sc.co	click.checkpoint.com
1	www.googletagmanager.com	www.checkpoint.com
1	cdn.b0e8.com	www.checkpoint.com
1	marvel-b2-cdn.bc0a.com	www.checkpoint.com
1	click.checkpoint.com
215	72

This site contains links to these domains. Also see Links.

Domain
supportcenter.checkpoint.com
usercenter.checkpoint.com
blog.checkpoint.com
www.checkpoint.com.cn
help.checkpoint.com
training-certifications.checkpoint.com
cyberpark.checkpoint.com
partnerlocator.checkpoint.com
www.youtube.com
resources.checkpoint.com
catalog.checkpoint.com
research.checkpoint.com
www.cybertalk.org
community.checkpoint.com
www.brighttalk.com
pages.checkpoint.com
youtu.be
www.zonealarm.com
virtual-cpx.checkpoint.com
threatmap.checkpoint.com
threatwiki.checkpoint.com
appwiki.checkpoint.com
careers.checkpoint.com
checkpointcompanystore.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
click.checkpoint.com Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
*.checkpoint.com DigiCert SHA2 Secure Server CA	`2022-01-06` - `2023-01-06`	a year	crt.sh
cdn.bc0a.com GTS CA 1D4	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.b0e8.com GTS CA 1D4	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
b0e8.com GTS CA 1D4	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.6sense.com Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2021-06-27` - `2022-07-28`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Frame ID: 7A4D595173758C05A0ABA35F9EADA894
Requests: 115 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.checkpoint.com&origin=onetag
Frame ID: 9DB78D808F582F21286E17C1723301D2
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_gid=CAESEHGR2PkF-PpmsHdi-YTNvmQ&google_cver=1&google_ula=913071,0
Frame ID: 58A3DB9D3E1458BB72B627F69E9D8697
Requests: 30 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: B705B8DC3D8A9159F1941F4A3CD8BF5F
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
Frame ID: 3A423EEFEE217084D129D2EEBB6C3EBE
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware Hub - Check Point Software

Page URL History Show full URLs

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23... Page URL
https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75d... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

215
Requests

93 %
HTTPS

28 %
IPv6

50
Domains

72
Subdomains

61
IPs

8
Countries

2602 kB
Transfer

6180 kB
Size

77
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://supportcenter.checkpoint.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/index.jsp
Title: Sign In

Search URL Search Domain Scan URL

URL: https://blog.checkpoint.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com.cn/
Title: Chinese (中文)

Search URL Search Domain Scan URL

URL: https://help.checkpoint.com/s/
Title: Create/View Service Request

Search URL Search Domain Scan URL

URL: https://training-certifications.checkpoint.com/#/
Title: Training & Certification

Search URL Search Domain Scan URL

URL: https://cyberpark.checkpoint.com/
Title: Cyber Park

Search URL Search Domain Scan URL

URL: https://partnerlocator.checkpoint.com/#/
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gr2f2LqjUAE
Title: Watch Video

Search URL Search Domain Scan URL

URL: https://resources.checkpoint.com/
Title: Content Resource Center

Search URL Search Domain Scan URL

URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doShowprelanding&all
Title: Downloads & Documentation

Search URL Search Domain Scan URL

URL: https://catalog.checkpoint.com/
Title: Product Catalog

Search URL Search Domain Scan URL

URL: https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default.psml/js_pane/PricingToolsId,supportQuoteToolId
Title: Renewal Pricing Tool

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/
Title: Check Point Research

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/
Title: Cyber Talk for Executives

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/
Title: CheckMates Community

Search URL Search Domain Scan URL

URL: https://community.checkpoint.com/t5/General-Topics/CPX-360-2022/m-p/138585#M24678?utm_source=cp-home&utm_medium=cp-website&utm_campaign=cm_wr_21q4_ww_cpx_360_2022&utm_content=megamenu
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://blog.checkpoint.com/2022/05/11/how-the-evolution-of-ransomware-changed-the-threat-landscape/
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/16731/543219?utm_source=CheckPointSoftwareTechnologies&utm_medium=brighttalk&utm_campaign=543219
Title: REGISTER AMERICAS

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/16731/543218?utm_source=CheckPointSoftwareTechnologies&utm_medium=brighttalk&utm_campaign=543218
Title: REGISTER EMEA/APAC

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2022/behind-the-curtains-of-the-ransomware-economy-the-victims-and-the-cybercriminals/

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2022/ransomversary-wannacrys-5th-anniversary-special-and-the-evolution-of-ransomware/

Search URL Search Domain Scan URL

URL: https://blog.checkpoint.com/2022/04/27/cracks-forming-in-the-ransomware-ecosystem/

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2022/leaks-of-conti-ransomware-group-paint-picture-of-a-surprisingly-normal-tech-start-up-sort-of/

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2022/inside-russias-biggest-ransomware-operation/
Title: LISTEN TO PODCAST

Search URL Search Domain Scan URL

URL: https://www.cybertalk.org/wp-content/uploads/2022/05/CISO-Guide-to-Ransomware-Prevention-Ebook__.pdf
Title: DOWNLOAD THE E-BOOK

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/prevent-cyber-attacks.html
Title: DOWNLOAD WHITEPAPER

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/harmony-endpoint-request-demo.html
Title: REQUEST A DEMO

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=A_gUsrZXhWs

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/cyber-security-report-2022.html
Title: Cyber Security Report 2022

Search URL Search Domain Scan URL

URL: https://youtu.be/If8ERU992Mc
Title: Maze Ransomware Threat Hunting Using MITRE ATT&CK

Search URL Search Domain Scan URL

URL: https://resources.checkpoint.com/cyber-security-resources/can-your-endpoint-protection-do-this-how-a-modern-endpoint-protection-edr-should-look-like
Title: Can YOUR Endpoint Protection Do This?

Search URL Search Domain Scan URL

URL: https://www.zonealarm.com/
Title: Consumer Products

Search URL Search Domain Scan URL

URL: https://virtual-cpx.checkpoint.com/
Title: CPX 360

Search URL Search Domain Scan URL

URL: https://pages.checkpoint.com/security-checkup.html
Title: Security Check Up

Search URL Search Domain Scan URL

URL: https://threatmap.checkpoint.com/
Title: Threat Map

Search URL Search Domain Scan URL

URL: https://threatwiki.checkpoint.com/threatwiki/public.htm
Title: Threat Wiki

Search URL Search Domain Scan URL

URL: https://appwiki.checkpoint.com/appwikisdb/public.htm
Title: App Wiki

Search URL Search Domain Scan URL

URL: https://careers.checkpoint.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://checkpointcompanystore.com/
Title: Merchandise Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointsoftware

Search URL Search Domain Scan URL

URL: https://twitter.com/checkpointsw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CPGlobal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw= Page URL
https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.checkpoint.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP 302
https://www.checkpoint.com/

Request Chain 47

https://www.checkpoint.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP 302
https://www.checkpoint.com/

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1653501761201%26url%3Dhttps%253A%252F%252Fwww.checkpoint.com%252Fransomware-hub%252F%253Fmkt_tok%253DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&liSync=true&e_ipv6=AQLCtoySvHdoNAAAAYD8Ypi_BYm3ZKdaD7qPwYmEaqx27BO9rZcmaa-bcqsnvOj6eWhhTMQr91Kws7eV0izwGwTFsu2hIA

Request Chain 100

https://gum.criteo.com/sid/json?origin=onetag&domain=checkpoint.com&sn=ChromeSyncframe&so=0&topUrl=www.checkpoint.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qwfY6nxFR3BsMVdpZlpzVmx6RkVSL2Q4b1Z6WDV5b3BlVGdxNHBvT25oRVZ4QVljTGYyWGxGbE1IYTViM1p3VVMyb2R4U05BWjhJcnBId1lubHZJTWNOdGlDNDF0SjByOGtZaThYV0xWUFh0NFZKSTBOQWxHVVpXU3ZSUzAyWGdmYnRobStLN3Z5VWFnVG9QZG9BeGdseVhUV2RmenF1bkJUZTdNeHVqWlB2TWtGR0hodm43enZsRlVCV3lKMUtTQ3F0ZWlDV2lHMmlucE1kaGJVSGh1cm5CckNRb2FHVEV5S2JzbmQ0V1JHNVRzRVhYSks1K3JMeVl5T3pzVmZXMSs4ZlBHMENXTGNma1R4VHJMVENMSFIwYjJTNXJKU2lzdlRnVVdDYWJIR1JGWUl5QT18&cppv=2

Request Chain 105

https://sslwidget.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJYVg2NkVBYzZ5b1FnMmg1UzR6QnpTN0Q5c25YMjNXZEJ1UGtRUnp6RW9zMFJPTk95aEVKbHVUU1d3Y3Q5VVBLJTJCN1k4VWhFempNZVd3d3JvNzlrQjFYdHRVYk9KWXhDUEIxQUElMkYxZiUyQkFaZTAlMkZXRSUyQm44U0Y4bWlLNThSTFhjU1plJTJGa2hpOTZIYUlWRnclM0QlM0Q&tld=checkpoint.com&dy=1&fu=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&dtycbr=34465 HTTP 302
https://widget.us.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJYVg2NkVBYzZ5b1FnMmg1UzR6QnpTN0Q5c25YMjNXZEJ1UGtRUnp6RW9zMFJPTk95aEVKbHVUU1d3Y3Q5VVBLJTJCN1k4VWhFempNZVd3d3JvNzlrQjFYdHRVYk9KWXhDUEIxQUElMkYxZiUyQkFaZTAlMkZXRSUyQm44U0Y4bWlLNThSTFhjU1plJTJGa2hpOTZIYUlWRnclM0QlM0Q&tld=checkpoint.com&dy=1&fu=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&dtycbr=34465

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_cm&google_hm=ay15NFRrMTFJTTFfcURUUjZaYk5jMXpNVERPZFRPbjFnU2lON1ZPdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_cm=&google_hm=ay15NFRrMTFJTTFfcURUUjZaYk5jMXpNVERPZFRPbjFnU2lON1ZPdw&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_gid=CAESEHGR2PkF-PpmsHdi-YTNvmQ&google_cver=1&google_ula=913071,0

Request Chain 112

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=_HWjDGUE7wc2Ix6c3uqqc8WPKsG6Nwx_

Request Chain 118

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw&verify=true

Request Chain 122

https://secure.adnxs.com/setuid?entity=52&code=k-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg%26seg%3D95287

Request Chain 123

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

Request Chain 127

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg&C=1

Request Chain 129

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5

Request Chain 135

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw

Request Chain 136

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ&_li_chk=true&previous_uuid=7619661fd3ac4179a38b23ca8e4ad6f0 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ

Request Chain 139

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-eGThtFIM1_qDTR6ZbNc1zMTDOdSjLPVO_jmrRg&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 140

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

215 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=
click.checkpoint.com/ 536 B
1 KB 158ms
136ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-vtRcX4f6+UGu4hKnkacQDZtB6lD5mNzjvcYsCiZsoJ8=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 71102eda1bda9c00-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-vtRcX4f6+UGu4hKnkacQDZtB6lD5mNzjvcYsCiZsoJ8=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html
date: Wed, 25 May 2022 18:02:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK Primary Request / Show response
www.checkpoint.com/ransomware-hub/ 125 KB
33 KB 3152ms
2923ms Document
text/html 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e0969d7897decd41afde0a8e05458d95d1550e88e5d55bc96f80f71a71f74130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://click.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 32672
Content-Type: text/html; charset=utf-8
Date: Wed, 25 May 2022 18:02:39 GMT
Link: </?p=240730>; rel=shortlink
Server: Apache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H2 200 marvel.js Show response
marvel-b2-cdn.bc0a.com/ 9 KB
4 KB 29ms
8ms Script
application/javascript 35.201.125.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marvel-b2-cdn.bc0a.com/marvel.js
Requested by: Host: www.checkpoint.com
URL: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 17:15:12 GMT
content-encoding: gzip
age: 2847
x-guploader-uploadid: ADPycdtbDlw1aDi4PCl-9qkYaHmrfOo9zODZvVV7f9czOPBPAolwKCgJUWVvCBii5m-qpERsLc02I9UBJQnr5ek4StNn_A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3217
last-modified: Wed, 01 Sep 2021 18:16:49 GMT
server: UploadServer
etag: "5a385b6f8bc7f4775b2ec7b66c0ec4c2"
vary: Accept-Encoding
x-goog-hash: crc32c=0X9o7A==, md5=Wjhbb4vH9HdbLse2bA7Ewg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1630520209881243
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3217
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 25 May 2022 18:15:12 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 114 KB
42 KB 48ms
21ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-5L6CQT3

Requested by

Host: www.checkpoint.com
URL: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ca794e34a83e8bb73591e69a115a4c79ca95a9b5cb7490fb5cd394d9c785926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42611
x-xss-protection: 0
expires: Wed, 25 May 2022 18:02:39 GMT

GET
H/1.1 200
OK cp-head-banner.css
www.checkpoint.com/wp-content/plugins/cp_functions/head_banner/display/assets/css/ 1 KB
1 KB 15ms
14ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/plugins/cp_functions/head_banner/display/assets/css/cp-head-banner.css?ver=6.66

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2aeb673fe2b9306685d2fd56e31b580f11ea3026b98bf91154e4c4d6b05f1a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 506
Last-Modified: Tue, 10 Aug 2021 20:40:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4c2-5c93a81694800"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK panel.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/styles/ 21 KB
6 KB 29ms
14ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/styles/panel.css?ver=1.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

70cf8868c462616148c1134976fe8aca3abd1cd0f2a024fcd06383c0942ea970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 5262
Last-Modified: Tue, 24 May 2022 15:42:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5440-5dfc3ce61cc39"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK flickity.min.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/ 2 KB
1 KB 42ms
17ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/flickity.min.css?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

76bd7f0e3e6d502ee1fbeec5eeb367d10c8a6ec592f394c63d4da34cc6775120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 654
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "703-5dca5addb9db4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK cp_new_nav.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/ 55 KB
10 KB 41ms
16ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/cp_new_nav.css?ver=1.97

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2917513984c339c5946ececee6f277a23f473d48f103277125c8ab76d3f32f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 9530
Last-Modified: Wed, 20 Apr 2022 20:26:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "dd57-5dd1bcf403405"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK bootstrap.min.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 118 KB
25 KB 43ms
17ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/bootstrap.min.css?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

159f03a49a3ace39c2c92b2c5f7f167ac25b1eea9cdc8c82663ddd323eab300f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 24756
Last-Modified: Thu, 14 Apr 2022 23:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1d6b5-5dca5add8cef4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK cp-base.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 49 KB
13 KB 41ms
14ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/cp-base.css?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

f0b2c19f3856317ebaac965fe06e444984027e9a99ac1aefe4093db25be4b3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 12813
Last-Modified: Thu, 14 Apr 2022 23:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c348-5dca5add8de94"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK cp-nav.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 30 KB
7 KB 44ms
17ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/cp-nav.css?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

529f79ace9dd01356aaf171a9b9eb6e09e98155ae4a31f1f5d2472027c8a2a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 6536
Last-Modified: Thu, 14 Apr 2022 23:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7814-5dca5add8f21c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK font-awesome.min.css
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/ 30 KB
8 KB 45ms
16ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/font-awesome.min.css?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 7327
Last-Modified: Thu, 14 Apr 2022 23:30:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7918-5dca5add8f604"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK jquery-3.4.0.min.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/jquery/ 86 KB
36 KB 63ms
20ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/jquery/jquery-3.4.0.min.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 36379
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "15857-5dca5addba584"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK cp_head_banner.js Show response
www.checkpoint.com/wp-content/plugins/cp_functions/head_banner/display/assets/js/ 1 KB
1 KB 57ms
15ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/plugins/cp_functions/head_banner/display/assets/js/cp_head_banner.js?ver=6.66

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

cc003d6679c6fb373fd5f68509b9f2675c0a6fadd4bd18ce3c5d6c002dbdbc5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 473
Last-Modified: Tue, 13 Jul 2021 22:52:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "416-5c70916b2c140"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK bootstrap.youtubepopup.min.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/youtube-modal/ 3 KB
2 KB 69ms
26ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/youtube-modal/bootstrap.youtubepopup.min.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3538a17fba55759f561d59c1b65f09aec92be1c62cb0bbbc3181be67b25035a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1456
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "bc5-5dca5addba96c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK js.cookie.min.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/js-cookie/ 2 KB
1 KB 57ms
13ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/js-cookie/js.cookie.min.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7acd4f195f32c0ae9a8ce20c6e2f80e1175ee3df9e93b26dcdd068b7b51a0ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 866
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "699-5dca5addba584"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK bootstrap.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 39 KB
14 KB 59ms
15ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/bootstrap.js?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 13508
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "9b00-5dca5addb631c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK header.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 6 KB
2 KB 67ms
13ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/header.js?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0180b3a38826096676a67f9d0b80d42e56aed9812132be9a82ae399fe81c9a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1739
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "188a-5dca5addb6704"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 75 KB
76 KB 75ms
18ms Font
application/octet-stream 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Origin: https://www.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "12d68-5dca5adda70ec"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.checkpoint.com
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 77160

GET
H/1.1 200
OK 34CA47_4_0.woff2
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 55 KB
56 KB 74ms
17ms Font
application/octet-stream 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_4_0.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a68195b8cc14956be9352ca6f989f4e617912533b10ad404c36ce05a7b66c2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Origin: https://www.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "dd84-5dca5add9fbbc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.checkpoint.com
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 56708

GET
H/1.1 200
OK 34CA47_6_0.woff2
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/ 58 KB
59 KB 75ms
16ms Font
application/octet-stream 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/fonts/34CA47_6_0.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Origin: https://www.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "e890-5dca5adda0b5c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.checkpoint.com
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 59536

GET
H/1.1 200
OK under-attack.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 3 KB
4 KB 15ms
14ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/under-attack.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c0c-5dca5addaf5bc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 3084

GET
H/1.1 200
OK search-btn.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 14ms
13ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "729-5dca5addaea04"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1833

GET
H/1.1 200
OK cp-logo-2022-peace.gif
www.checkpoint.com/wp-content/uploads/ 9 KB
10 KB 16ms
16ms Image
image/gif 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/cp-logo-2022-peace.gif?v=1.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e1c835fc1b9ca93c23a6b79c3cf39f0dcf308018e4da4025ed40b0ae70b589ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Wed, 02 Mar 2022 22:51:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2573-5d94421061430"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/gif
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 9587

GET
H/1.1 200
OK checkpoint-logo.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 6 KB
7 KB 34ms
34ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/checkpoint-logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

bab4d95c3b1a677e3bc5c976e207d9a7189a14db8944c126474373f4cb9d91bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Tue, 18 Jan 2022 19:48:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "17d7-5d5e08e0a8d00"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 6103

GET
H/1.1 200
OK ransomware-trends-timeline-graph.jpg.webp
www.checkpoint.com/wp-content/uploads/ 64 KB
65 KB 38ms
15ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/ransomware-trends-timeline-graph.jpg.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dffec3dc6c396a048f1a0a2f2da900772e5e2f0d7b7a27b35f7e3f68a5480bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 12 May 2022 17:08:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "10054-5ded39b8fb835"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 65620

GET
H/1.1 200
OK behind-the-curtains-of-the-ransomware-economy-350x177px.jpg.webp
www.checkpoint.com/wp-content/uploads/ 12 KB
13 KB 17ms
17ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/behind-the-curtains-of-the-ransomware-economy-350x177px.jpg.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e85c04591f51241a28edb37fbf58810b899d373572712830c70a0acdca77af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Wed, 11 May 2022 18:33:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "31e2-5dec0af1f9520"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 12770

GET
H/1.1 200
OK ransomware-evolution-research-350x177px.jpg.webp
www.checkpoint.com/wp-content/uploads/ 12 KB
12 KB 29ms
29ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/ransomware-evolution-research-350x177px.jpg.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dbe21e52a3bece482d1926be6552a78708b61638973993dcd87132e97d9bec38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Wed, 11 May 2022 18:33:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2f80-5dec0adca9815"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 12160

GET
H/1.1 200
OK cracks-forming-in-the-ransomware-ecosystem-350x177px.jpg.webp
www.checkpoint.com/wp-content/uploads/ 11 KB
11 KB 48ms
48ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/cracks-forming-in-the-ransomware-ecosystem-350x177px.jpg.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

afe80b202ed02211f0433bf62aa03d06591bc8c53d23e9035eba75d0ef007195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Wed, 11 May 2022 18:34:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2b60-5dec0b07472e9"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 11104

GET
H/1.1 200
OK ransomware-group-tile.jpg.webp
www.checkpoint.com/wp-content/uploads/ 16 KB
17 KB 29ms
18ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/ransomware-group-tile.jpg.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4bd00fd1cb5818aae2eed90a41d1a5d964f72f4efea6706bddabd81172308fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Mon, 21 Mar 2022 16:52:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4072-5dabd53534d0c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 16498

GET
H/1.1 200
OK ciso-guide-to-ransomware-prevention-ebook-image.png.webp
www.checkpoint.com/wp-content/uploads/ 60 KB
60 KB 18ms
17ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/ciso-guide-to-ransomware-prevention-ebook-image.png.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

f1b26bb78ff53f12f333d950da9298866e0026bbffbb46adac843cabc26b90ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Fri, 20 May 2022 00:01:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "eec2-5df66306fe17c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 61122

GET
H/1.1 200
OK prevent-attacks-before-they-happen-whitepaper-image-1024x605px.png.webp
www.checkpoint.com/wp-content/uploads/ 70 KB
70 KB 19ms
19ms Image
image/webp 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/prevent-attacks-before-they-happen-whitepaper-image-1024x605px.png.webp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

61a2c41ce976dc3f6ee3dea1efac5041aed2ce99c702bf1d0ef05afef41348ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Wed, 11 May 2022 22:20:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "11746-5dec3d9296cc7"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/webp
Cache-Control: public, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 71494

GET
H/1.1 200
OK video-product-can-your-endpoint-security-do-this.png
www.checkpoint.com/wp-content/uploads/ 210 KB
211 KB 39ms
39ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/video-product-can-your-endpoint-security-do-this.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ba3ee5f14a9e7a6db70705c4f637491f8e8ed314e424c5e4d8c259279109778b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Sun, 19 Sep 2021 11:37:51 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "349a2-5cc57982f21c0"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 215458

GET
H/1.1 200
OK tri-alert.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 22ms
13ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/tri-alert.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ee632663fb7376a2b1979fa0edf11dacacefbb1a118d0b651afb6e1107b611f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "602-5dca5addaf5bc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1538

GET
H/1.1 200
OK chat-close-button.png
www.checkpoint.com/wp-content/uploads/ 2 KB
2 KB 22ms
21ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/chat-close-button.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ccfd32a1781e0709a7195f5e8ee573fec6964f3bab44a2a3e1fddd937efe64f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Apr 2018 20:59:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "626-56b1722557900"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1574

GET
H/1.1 200
OK chat.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 23ms
22ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/chat.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e0223849b23778efe4bbcfd91745b8116ded9f452974b16de2ad94e34e4be9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "540-5dca5addac2f4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1344

GET
H/1.1 200
OK chat-person.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 12 KB
13 KB 14ms
14ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/chat-person.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

110a1679d0432414df7092de396478b464cdc9a9b9a63b5d99e5f714c396494d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3187-5dca5addabf0c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 12679

GET
H/1.1 200
OK contact-us.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 37ms
13ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/contact-us.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

db88325fa6929dcaa0710abf0da2dd7ed76fead6e51686fa549aa491b7af9db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5a4-5dca5addac2f4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1444

GET
H/1.1 200
OK feedback-icon.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 296 B
886 B 45ms
45ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/feedback-icon.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6b5e10908ab2815bb73aacc782ad91dae2c9bb32a1570706cb4832340c138210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "128-5dca5addac6dc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 296

GET
H/1.1 200
OK icon-phone.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 13ms
13ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/icon-phone.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

945c48407720ae91103b34e610ba4c784e24aa13229ebd27ef90297c201da869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "515-5dca5addacac4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1301

GET
H/1.1 200
OK styles.css
www.checkpoint.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 15ms
14ms Stylesheet
text/css 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 971
Last-Modified: Wed, 18 May 2022 17:43:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "aab-5df4ccc8f4111"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=600000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK parallax.min.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/parallax/ 7 KB
3 KB 18ms
16ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/parallax/parallax.min.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2322
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1ad0-5dca5addba96c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK flickity.pkgd.min.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/ 53 KB
18 KB 19ms
16ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/flickity.pkgd.min.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 17356
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "d32f-5dca5addba19c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK bg-lazyload.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/ 3 KB
2 KB 16ms
13ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/lib/flickity/bg-lazyload.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a13d9dd0836589e4dc2fbc969bf660189d53a47399e3fd262d52a150157faa7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1063
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "ba3-5dca5addb99cc"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK template-panel.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 4 KB
2 KB 16ms
15ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/template-panel.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

543e9a3149e881d19f5632d44718fd2f54229a9ea7c6098cf5af5b6f61382f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1517
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "e42-5dca5addb76a4"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK cp_new_nav.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/js/ 6 KB
2 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/js/cp_new_nav.js?ver=5.9.3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0c4dd35f3c71a799eabddd264a881c8ba549902169c711cd3933cc3fd284eedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1630
Last-Modified: Tue, 17 May 2022 21:44:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1932-5df3c0a561a00"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK footer.js Show response
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/ 3 KB
2 KB 15ms
15ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/js/footer.js?ver=3.59

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

888792e0dc7bf69a3ba98c2ecea2550bfc7bc45268200c560dfa17d9068c56d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 965
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a46-5dca5addb6704"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1

200
OK

/ Show response
www.checkpoint.com/
Redirect Chain

https://www.checkpoint.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
https://www.checkpoint.com/

137 KB
35 KB

16ms
15ms

Script
text/html

2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/

Requested by

Protocol

HTTP/1.1

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5b21d4493859c5cee92630577f0f71b4fbed0fe382227db727cca346cd2bfa4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Content-Encoding: gzip
Server: Apache
Link: </>; rel=shortlink
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35523

Redirect headers

Location: https://www.checkpoint.com
Date: Wed, 25 May 2022 18:02:40 GMT
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Expires: Thu, 26 May 2022 18:02:40 GMT

GET
H/1.1

200
OK

/ Show response
www.checkpoint.com/
Redirect Chain

https://www.checkpoint.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
https://www.checkpoint.com/

137 KB
35 KB

15ms
14ms

Script
text/html

2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/

Requested by

Protocol

HTTP/1.1

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5b21d4493859c5cee92630577f0f71b4fbed0fe382227db727cca346cd2bfa4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Server: Apache
Link: </>; rel=shortlink
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 35523

Redirect headers

Location: https://www.checkpoint.com
Date: Wed, 25 May 2022 18:02:41 GMT
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Expires: Thu, 26 May 2022 18:02:41 GMT

GET
H/1.1 200
OK index.js Show response
www.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 14ms
13ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 3457
Last-Modified: Wed, 18 May 2022 17:43:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "25f8-5df4ccc8f4cc9"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H/1.1 200
OK lazyload.min.js Show response
www.checkpoint.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
4 KB 15ms
15ms Script
application/javascript 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.checkpoint.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2992
Last-Modified: Mon, 07 Feb 2022 16:37:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2063-5d770383d658b"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: application/javascript
Cache-Control: public, max-age=200000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 conv_v3.js Show response
cdn.b0e8.com/ 67 KB
22 KB 32ms
7ms Script
application/javascript 35.190.5.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.b0e8.com/conv_v3.js
Requested by: Host: www.checkpoint.com
URL: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.5.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 17:14:26 GMT
content-encoding: gzip
age: 2893
x-guploader-uploadid: ADPycdumRUR-CkOslO55DMPTQ54H_5L8cXpd4yCRxSZH3S7KVioY9N-nS14ZyPehOqOlwA3OmePdn71eq77oYyNDI1a_rA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21573
last-modified: Wed, 23 Mar 2022 23:53:55 GMT
server: UploadServer
etag: "0acedbfc86d9cc291bf807c3fe3ea666"
vary: Accept-Encoding
x-goog-hash: crc32c=lWvUnQ==, md5=Cs7b/IbZzCkb+AfD/j6mZg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1648079635204763
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21573
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 25 May 2022 18:14:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
76 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

934244840bf2571c32d28290e52375b6a65ea5507ff7d2073c9223cebb4500a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77621
x-xss-protection: 0
expires: Wed, 25 May 2022 18:02:39 GMT

GET
H/1.1 200
OK bullet-prod.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 1 KB
2 KB 13ms
13ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/bullet-prod.png

Requested by

Host: www.checkpoint.com
URL: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/cp-base.css?ver=3.59

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/css/cp-base.css?ver=3.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "403-5dca5addabf0c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1027

GET
H/1.1 200
OK search.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
2 KB 23ms
14ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search.png

Requested by

Host: www.checkpoint.com
URL: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/cp_new_nav.css?ver=1.97

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/cp_new_nav.css?ver=1.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "67a-5dca5addaea04"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1658

GET
H/1.1 200
OK intl.png
www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/ 2 KB
3 KB 20ms
14ms Image
image/png 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/intl.png

Requested by

Host: www.checkpoint.com
URL: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/cp_new_nav.css?ver=1.97

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/tmp_files/css/cp_new_nav.css?ver=1.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Thu, 14 Apr 2022 23:30:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "84e-5dca5addae61c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/png
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2126

GET
H/1.1 200
OK top-banner-vulnerability-research-2000x660-very-dark.jpg
www.checkpoint.com/wp-content/uploads/ 85 KB
85 KB 32ms
29ms Image
image/jpeg 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/top-banner-vulnerability-research-2000x660-very-dark.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

f81f3e3a6ca2e84742c2be859f6c894f5d47b024ef63bb718c645d6b9daafefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Last-Modified: Mon, 18 Oct 2021 06:50:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "152cb-5ce9af6e8374c"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/jpeg
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 86731

GET
H/1.1 200
OK /
www.checkpoint.com/ransomware-hub/ 125 KB
125 KB 21ms
15ms Image
text/html 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:39 GMT
Content-Encoding: gzip
Server: Apache
Link: </?p=240730>; rel=shortlink
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 32672

GET
H/1.1 200
OK complete-ransomware-banner-2000x480px.jpg
www.checkpoint.com/wp-content/uploads/ 31 KB
32 KB 17ms
17ms Image
image/jpeg 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/complete-ransomware-banner-2000x480px.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

36f1424801454286bc6ac1c050b265153946788347127cc99886e2bbaf96f479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Wed, 11 May 2022 22:26:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7c55-5dec3ee9dbd90"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/jpeg
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 31829

GET
H/1.1 200
OK generic-girl-sunray-banner.jpg
www.checkpoint.com/wp-content/uploads/ 53 KB
54 KB 16ms
16ms Image
image/jpeg 2a02:26f0:3500:581::38f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkpoint.com/wp-content/uploads/generic-girl-sunray-banner.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:581::38f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

49ded3dad8a2610502801141b12e3bb5306cbd97ee8c9d03fb136f637329c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Last-Modified: Wed, 11 May 2022 22:53:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "d5da-5dec4502c294d"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Access-Control-Allow-Methods: PUT, POST, GET, DELETE, OPTIONS
Content-Type: image/jpeg
Cache-Control: public, max-age=2500000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 54746

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 49ms
8ms Script
application/javascript 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 25 May 2022 18:02:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1674
date: Wed, 25 May 2022 17:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 19:34:46 GMT

GET
H2 200 brightedge3.php
a1.b0e8.com/ 35 B
226 B 41ms
17ms Image
image/gif 34.111.78.58
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.b0e8.com/brightedge3.php?id=f00000000165823&p_id=R88A4LRANPN4R6J8APPP82N4RAAAAAAAAH&bf=2d44afda590c9017234292a6b232b6fc&url=https%3A//www.checkpoint.com/ransomware-hub/%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&ref=https%3A//click.checkpoint.com/&bn=1&bv=3.44&title=Ransomware%20Hub%20-%20Check%20Point%20Software&metadesc=Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.&metakeywords=&s_id=888A4LRANPN4RNLNPNLP82N4RAAAAAAAAH
Requested by: Host: www.checkpoint.com
URL: https://www.checkpoint.com/ransomware-hub/?mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.78.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.78.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-be-pop: BRU-1-301
date: Wed, 25 May 2022 18:02:35 GMT
via: 1.1 google
last-modified: Wed, 23 Jun 2021 22:46:15 GMT
server: bws/1.0
etag: "60d3b9b7-23"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-194688-3&cid=417218361.1653501760&jid=1540311488&gjid=1612696899&_gid=623492045.1653501760&_u=YGBAgEABAAAAAE~&z=814637590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 18:02:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=436703824&t=pageview&_s=1&dl=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&dr=https%3A%2F%2Fclick.checkpoint.com%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Hub%20-%20Check%20Point%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1540311488&gjid=1612696899&cid=417218361.1653501760&tid=UA-194688-3&_gid=623492045.1653501760&gtm=2wg5n05JCRGP&z=318485714

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 18:24:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 63ms
43ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-194688-3&cid=417218361.1653501760&jid=1540311488&_u=YGBAgEABAAAAAE~&z=1790878324

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 76ms
46ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-194688-3&cid=417218361.1653501760&jid=1540311488&_u=YGBAgEABAAAAAE~&z=1790878324

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
702 B 57ms
13ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:41 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 87e7a3cd-56a2-4ccf-8795-721b641ac2ca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.checkpoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
374 B 50ms
7ms XHR
text/plain 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 12f810b36acfd6e72034189c13f6948d7f45a882aaa59d1b4f51a4111ae40c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.checkpoint.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
284 B 71ms
13ms XHR
text/html 2a02:26f0:3500:695::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:695::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 492acd3291329d030fc9a8f9a4d167b7492eb1d09546d0cfd0297a5d1f6c5fe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.checkpoint.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3b00:1011:63fc:f426:f452
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 36
expires: Wed, 25 May 2022 18:02:41 GMT

GET
H3 200 optimize.js Show response
www.googleoptimize.com/ 114 KB
42 KB 34ms
20ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-5L6CQT3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06e50be9785b2ecca8f34578f99526923c2b7949f4940c1fa9d9f8e73e86cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42641
x-xss-protection: 0
expires: Wed, 25 May 2022 18:02:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 70ms
15ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e019
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e019 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 662
Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44704
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 48 KB
14 KB 59ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 16:49:30 GMT
etag: "39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 14051
x-served-by: cache-iad-kiad7000166-IAD, cache-muc13958-MUC

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 361ms
11ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK rtp.js Show response
abrtp1-cdn.marketo.com/rtp-api/v1/ 153 KB
42 KB 58ms
8ms Script
application/x-javascript 104.92.90.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.90.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-90-132.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

54e5ce8f8dc92a2cd7ae4b18a9798583a8c6439ffab509b94a1f685a3293182e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 18:00:27 GMT
Server: Jetty(7.3.1.v20110307)
Date: Wed, 25 May 2022 18:02:41 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=75
Connection: keep-alive
Content-Length: 42695

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: d8VY5EsRQhqhsCVIBUkh1vsOqyjisNRhXgOcqm1F9lBpcW9kq3lqvvzDKYM35ciF+LPLUdZRUjZ2jl36Sx01yg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Wed, 25 May 2022 18:02:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
635 B 369ms
21ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=65583

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d72e8b84525600450e9837b01aec462c22797e4215e93c8b5a3ad74043c2b23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 423 B
408 B 25ms
11ms XHR
application/json 52.57.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.195.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-195-65.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://www.checkpoint.com/
accept-language: de-DE,de;q=0.9
Authorization: Token 87c67a7c5a9e9b4dd1824f6727ed4e43fadadde4
EpsilonCookie: 2d58655f53420000406f8e62da0000000f070c00

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.checkpoint.com
access-control-allow-credentials: true
content-length: 221

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 49ms
8ms Preflight 52.57.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.195.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-195-65.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://www.checkpoint.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.checkpoint.com
access-control-max-age: 1800
date: Wed, 25 May 2022 18:02:41 GMT
server: nginx

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 231ms
201ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A40%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f8ff336890ffb3e3eafcbe5f3f940b8e4d7c96fa0b7e1848e9585fffb504ce0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88773
x-xss-protection: 0
pragma: public
x-fb-debug: G33Q9iPn9VuufDzY18rtbWr2uniz+lbk1iOa1KZsaT9nRTiDU7WqQDSsIxPKzfh3KqsR4iYzh4OWX+BaIRcU9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 18:02:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 216 KB
42 KB 71ms
11ms Script
application/javascript 18.66.248.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-12.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ae30664ee32c3fa8cf563f0e54db8d4fac1fb5f3b97a1bff75628cc7291c640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:53:48 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 08:14:34 GMT
server: AmazonS3
age: 79764
etag: "7cf39d12bc5c7984584f44d575ae1b65"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 42819
x-amz-cf-id: 2f10FuugCLc32xfqquUXb9sda5XQmfYiolme-9PdYVYXnhuXsmMJ1A==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 393ms
376ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3b00%3A1011%3A63fc%3Af426%3Af452%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 402ms
117ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=f5ba313d-64a2-414c-a537-cf584b05656d&tw_document_href=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 25 May 2022 18:02:40 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 89b9b1ad0ce80ead250201a01347fddc327aeabeb8e25bcc2dbf83bdb7205b15
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
336 B 155ms
120ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=f5ba313d-64a2-414c-a537-cf584b05656d&tw_document_href=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 25 May 2022 18:02:40 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 415f4d17f3625612cbde0d7cbaf1d29502534151323ecc02a8bb26450129e81c
content-length: 43

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75d...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1653501761201%26url%3Dhttps%253A%252F%252Fwww.checkpoint.com%252Fr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75d...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75...

0
265 B

211ms
189ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&liSync=true&e_ipv6=AQLCtoySvHdoNAAAAYD8Ypi_BYm3ZKdaD7qPwYmEaqx27BO9rZcmaa-bcqsnvOj6eWhhTMQr91Kws7eV0izwGwTFsu2hIA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0CBBE3058B764DA09827B162F69CDEB4 Ref B: FRAEDGE1421 Ref C: 2022-05-25T18:02:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2eEnqNmSpsLoV5XxZw==
x-li-fabric: prod-lor1

Redirect headers

date: Wed, 25 May 2022 18:02:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E4F29DAA893A4362A672BD6F9318C70B Ref B: FRAEDGE1512 Ref C: 2022-05-25T18:02:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1653501761201&url=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&liSync=true&e_ipv6=AQLCtoySvHdoNAAAAYD8Ypi_BYm3ZKdaD7qPwYmEaqx27BO9rZcmaa-bcqsnvOj6eWhhTMQr91Kws7eV0izwGwTFsu2hIA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXf2eEkd31xwtH7GGCPhw==

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 293ms
20ms Script
application/x-javascript 104.92.90.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.90.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-90-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 282ms
9ms Stylesheet
text/css 104.92.90.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.90.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-90-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
abrtp1.marketo.com/gw1/ 0
435 B 599ms
96ms Script
application/x-javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/trw?aid=checkpoint&ref=https%3A%2F%2Fclick.checkpoint.com%2F&trwv.uid=checkpoint-1653501761210-5c6cb25a&trwv.vc=1&trwsa.sid=checkpoint-1653501761212-57972b4b&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pm=&viewedTypes=&rts=1653501761214

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 238ms
10ms Script
application/x-javascript 104.92.90.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.90.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-90-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 134ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&rl=https%3A%2F%2Fclick.checkpoint.com%2F&if=false&ts=1653501761236&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653501761235.568757655&it=1653501761173&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 25 May 2022 18:02:41 GMT

GET
H2 200 2336 Show response
trackingapi.trendemon.com/api/settings/ 746 B
885 B 321ms
99ms Script
application/x-javascript 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2336?callback=jsonp921349&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 5fc263881942c97fd96f13e38c009bfdac9a88fd70c8430c6e649876ad1224fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 746
content-type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
494 B 363ms
96ms Script
text/javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/msg?a=2&sid=checkpoint-1653501761212-57972b4b&aid=checkpoint&viewedTypes=&0.15354413509809817&rts=1653501761266

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Fri, 02 Sep 2022 18:02:41 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 43ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=65583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 May 2022 18:02:41 GMT

POST
H/1.1 200
OK visitWebPage
750-dqh-528.mktoresp.com/webevents/ 2 B
311 B 601ms
100ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://750-dqh-528.mktoresp.com/webevents/visitWebPage?_mchNc=1653501761509&_mchCn=&_mchId=750-DQH-528&_mchTk=_mch-checkpoint.com-1653501761508-27453&mkt_tok=NzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&_mchHo=www.checkpoint.com&_mchPo=&_mchRu=%2Fransomware-hub%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fclick.checkpoint.com%2F&_mchQp=mkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: ac29caa9-7889-4ed2-bcb1-1477052d903b

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 13ms
13ms Script
application/x-javascript 104.92.90.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.90.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-90-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H/1.1 200
OK munchkinId Show response
abrtp1.marketo.com/gw1/put/ 3 B
422 B 356ms
98ms Script
text/json 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/put/munchkinId?aid=checkpoint&id=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1653501761508-27453

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 3
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8

GET
H/1.1 200
OK visitor Show response
abrtp1.marketo.com/gw1/rtp/api/v1_1/ 634 B
999 B 386ms
98ms XHR
application/json 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=checkpoint-1653501761212-57972b4b&aid=checkpoint&1653501761552

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

886e3f30dbb7409564533a2a3b9ce7eec26f2d8c2c847b1c84c2a2159b9c7237

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Last-Modified: Wed May 25 13:02:41 CDT 2022
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.checkpoint.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp1.marketo.com/gw1/ga/ 271 B
724 B 385ms
97ms XHR
text/json 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/ga/sgm?sid=checkpoint-1653501761212-57972b4b&1653501761553

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

031aad3db44fe58046297e5951b04c3c0b2623eddec886b8be9742c8042f07e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 271

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9DB7 15 KB
6 KB 63ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.checkpoint.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 18:02:41 GMT
server-processing-duration-in-ticks: 2538
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9DB7
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=checkpoint.com&sn=ChromeSyncframe&so=0&topUrl=www.checkpoint.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=qwfY6nxFR3BsMVdpZlpzVmx6RkVSL2Q4b1Z6WDV5b3BlVGdxNHBvT25oRVZ4QVljTGYyWGxGbE1IYTViM1p3VVMyb2R4U05BWjhJcnBId1lubHZJTWNOdGlDNDF0SjByOGtZaThYV0xWUFh0NFZKSTBOQWxHVVpXU3ZSUz...

430 B
639 B

214ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qwfY6nxFR3BsMVdpZlpzVmx6RkVSL2Q4b1Z6WDV5b3BlVGdxNHBvT25oRVZ4QVljTGYyWGxGbE1IYTViM1p3VVMyb2R4U05BWjhJcnBId1lubHZJTWNOdGlDNDF0SjByOGtZaThYV0xWUFh0NFZKSTBOQWxHVVpXU3ZSUzAyWGdmYnRobStLN3Z5VWFnVG9QZG9BeGdseVhUV2RmenF1bkJUZTdNeHVqWlB2TWtGR0hodm43enZsRlVCV3lKMUtTQ3F0ZWlDV2lHMmlucE1kaGJVSGh1cm5CckNRb2FHVEV5S2JzbmQ0V1JHNVRzRVhYSks1K3JMeVl5T3pzVmZXMSs4ZlBHMENXTGNma1R4VHJMVENMSFIwYjJTNXJKU2lzdlRnVVdDYWJIR1JGWUl5QT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

df57e91df9c55b9cd4ab753defd0501172b07f2773b9956bf5b7c45905146520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5155
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=qwfY6nxFR3BsMVdpZlpzVmx6RkVSL2Q4b1Z6WDV5b3BlVGdxNHBvT25oRVZ4QVljTGYyWGxGbE1IYTViM1p3VVMyb2R4U05BWjhJcnBId1lubHZJTWNOdGlDNDF0SjByOGtZaThYV0xWUFh0NFZKSTBOQWxHVVpXU3ZSUzAyWGdmYnRobStLN3Z5VWFnVG9QZG9BeGdseVhUV2RmenF1bkJUZTdNeHVqWlB2TWtGR0hodm43enZsRlVCV3lKMUtTQ3F0ZWlDV2lHMmlucE1kaGJVSGh1cm5CckNRb2FHVEV5S2JzbmQ0V1JHNVRzRVhYSks1K3JMeVl5T3pzVmZXMSs4ZlBHMENXTGNma1R4VHJMVENMSFIwYjJTNXJKU2lzdlRnVVdDYWJIR1JGWUl5QT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1458
content-length: 567
expires: 0

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 17 KB
6 KB 9ms
9ms Script
application/javascript 18.66.248.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-12.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:28:59 GMT
content-encoding: gzip
age: 60021
x-powered-by: Express
x-cache: Hit from cloudfront
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
trd-ts: 2022-05-19T01:22:08.421Z
last-modified: Tue, 26 Apr 2022 08:12:59 GMT
etag: W/"46f8-18064ee46f8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: cjj-uanEZ3SmSEn78Fkxc5TheFoG-QDLfIxuRAa0QYhc-6MA9pF2dg==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 94 B
508 B 101ms
101ms Script
application/x-javascript 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2336&DomainCookie=16535017617232514&fingerPrint=c4c9cdcce5af70317f67f3606a8747c7&callback=jsonp427114&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 4ec514520a1af2f30402164d9821139e1ccde80d741c91a5eb396a365663ac71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=Microdata&dl=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&rl=https%3A%2F%2Fclick.checkpoint.com%2F&if=false&ts=1653501761788&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%2C%22meta%3Adescription%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%2C%22og%3Adescription%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22og%3Aurl%22%3A%22%2Fransomware-hub%2F%22%2C%22og%3Asite_name%22%3A%22Check%20Point%20Software%22%2C%22article%3Amodified_time%22%3A%222022-05-12T17%3A09%3A06%2B00%3A00%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A106%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWPHeader%22%7D%2C%7B%22dimensions%22%3A%7B%22h%22%3A682%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWPFooter%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653501761235.568757655&it=1653501761173&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 25 May 2022 18:02:41 GMT

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
494 B 99ms
98ms Script
text/javascript 192.28.144.84
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/msg?a=2&sid=checkpoint-1653501761212-57972b4b&aid=checkpoint&ma=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1653501761508-27453&viewedTypes=&0.3799258825820335&rts=1653501761815

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=checkpoint

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.144.84 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:41 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJ...
https://widget.us.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJ...

9 KB
9 KB

382ms
175ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJYVg2NkVBYzZ5b1FnMmg1UzR6QnpTN0Q5c25YMjNXZEJ1UGtRUnp6RW9zMFJPTk95aEVKbHVUU1d3Y3Q5VVBLJTJCN1k4VWhFempNZVd3d3JvNzlrQjFYdHRVYk9KWXhDUEIxQUElMkYxZiUyQkFaZTAlMkZXRSUyQm44U0Y4bWlLNThSTFhjU1plJTJGa2hpOTZIYUlWRnclM0QlM0Q&tld=checkpoint.com&dy=1&fu=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&dtycbr=34465

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3036c475db3d283cc40091d6d5c2548f8ff0dfb54ec7ed2604415c25d9fb9aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 79071341
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=65583&v=5.10.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.checkpoint.com&p1=e%3Dvp%26p%3DHarmony&p2=e%3Ddis&adce=1&bundle=Df81YV9wNm9FT2Vsd1VJYVg2NkVBYzZ5b1FnMmg1UzR6QnpTN0Q5c25YMjNXZEJ1UGtRUnp6RW9zMFJPTk95aEVKbHVUU1d3Y3Q5VVBLJTJCN1k4VWhFempNZVd3d3JvNzlrQjFYdHRVYk9KWXhDUEIxQUElMkYxZiUyQkFaZTAlMkZXRSUyQm44U0Y4bWlLNThSTFhjU1plJTJGa2hpOTZIYUlWRnclM0QlM0Q&tld=checkpoint.com&dy=1&fu=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&dtycbr=34465
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2709387
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 94 B
231 B 100ms
100ms Script
application/x-javascript 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2336&ClientUrl=aHR0cHM6Ly93d3cuY2hlY2twb2ludC5jb20vcmFuc29td2FyZS1odWIvP21rdF90b2s9TnpVd0xVUlJTQzAxTWpnQUFBR0VtdFNWdDFac0hTWVVLTk8yQUZpWjRueldNZTg2eDc1ZGEwOTJUUVVZQ2hRckdfRFhPZGFURlFPWTNZWkRBNHotek5JVk9MVHJRQzRTajdPdTVtSG1ERHZWb2toVWR4YXRmUjY5U2xLWlowUkFvTG5B&CookieId=16535017617232514&MaCookie=aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjUzNTAxNzYxNTA4LTI3NDUz&MaCookieName=X21rdG9fdHJr&MaName=marketo&callback=jsonp346438&vid=2336:16527711083794484
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 3580a7e0b1176f1b1e4b56d53c9afa16a6216a9a55a3d7137724fef483ddf57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 14 B
113 B 102ms
101ms Script
application/x-javascript 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2336&ClientUrl=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&MarketingAutomationCookie=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1653501761508-27453&ExcludeUnitsJson=%5B%5D&callback=jsonp75394&vid=2336:16527711083794484
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 8f6426256e7864999367d58f29d48b363405351b79870cea9bfbcf72804db30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:41 GMT
server: Kestrel
content-length: 14
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 107ms
106ms Image
image/gif 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2336&url=aHR0cHM6Ly93d3cuY2hlY2twb2ludC5jb20vcmFuc29td2FyZS1odWIvP21rdF90b2s9TnpVd0xVUlJTQzAxTWpnQUFBR0VtdFNWdDFac0hTWVVLTk8yQUZpWjRueldNZTg2eDc1ZGEwOTJUUVVZQ2hRckdfRFhPZGFURlFPWTNZWkRBNHotek5JVk9MVHJRQzRTajdPdTVtSG1ERHZWb2toVWR4YXRmUjY5U2xLWlowUkFvTG5B&cookie=16535017617232514&referral=aHR0cHM6Ly9jbGljay5jaGVja3BvaW50LmNvbS8%3D&vid=2336:16527711083794484&r=1653501761894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 multiple
trackingapi.trendemon.com/api/events/client-app/ 43 B
234 B 100ms
99ms Image
image/gif 54.157.244.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/client-app/multiple?accountId=2336&url=aHR0cHM6Ly93d3cuY2hlY2twb2ludC5jb20vcmFuc29td2FyZS1odWIvP21rdF90b2s9TnpVd0xVUlJTQzAxTWpnQUFBR0VtdFNWdDFac0hTWVVLTk8yQUZpWjRueldNZTg2eDc1ZGEwOTJUUVVZQ2hRckdfRFhPZGFURlFPWTNZWkRBNHotek5JVk9MVHJRQzRTajdPdTVtSG1ERHZWb2toVWR4YXRmUjY5U2xLWlowUkFvTG5B&app=sixsense&names=%5B%5D&vid=2336:16527711083794484&r=1653501761924
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.244.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-244-245.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 215ms
214ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A40%20GMT%22%2C%22timeSpent%22%3A%221880%22%2C%22totalTimeSpent%22%3A%221880%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:42 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 58A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_cm&google_hm=ay15NFRrMTFJTTFfcURUUjZaYk5jMXpNVERPZFRPbjFnU...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_cm=&google_hm=ay15NFRrMTFJTTFfcURUUjZaYk5jMXpNVERPZFRPbjF...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_gid=CAESEHGR2PkF-PpmsHdi-YTNvmQ&google_cver=1&google_ula=913071,0

43 B
371 B

71ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_gid=CAESEHGR2PkF-PpmsHdi-YTNvmQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1166662
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&google_gid=CAESEHGR2PkF-PpmsHdi-YTNvmQ&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 58A3
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=_HWjDGUE7wc2Ix6c3uqqc8WPKsG6Nwx_

42 B
178 B

19ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=_HWjDGUE7wc2Ix6c3uqqc8WPKsG6Nwx_
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 18:02:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=_HWjDGUE7wc2Ix6c3uqqc8WPKsG6Nwx_
date: Wed, 25 May 2022 18:02:42 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2607
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 58A3 0
232 B 131ms
30ms Image
text/html 3.251.15.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw&custom=&tag_format=img&tag_action=sync&custom=&cb=9a5fd0ae-8dce-416c-8aee-e282be44d611
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 58A3 42 B
451 B 42ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 18:02:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 aacxc.php
c.aaxads.com/ Frame 58A3 234 B
234 B 59ms
14ms Image
text/html 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-y4Tk11IM1_qDTR6ZbNc1zMTDOdTOn1gSiN7VOw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
cache-control: max-age=1891144
server: Apache
date: Wed, 25 May 2022 18:02:42 GMT
content-length: 234
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 58A3 0
194 B 51ms
13ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 58A3 43 B
633 B 123ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:42 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 25 May 2022 18:02:42 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 58A3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw&verify=true

0
121 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-eztFNlIM1_qDTR6ZbNc1zMTDOdSfzvJEdiinuw&verify=true
date: Wed, 25 May 2022 18:02:42 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 58A3 0
476 B 375ms
87ms Image
text/plain 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-WhKIslIM1_qDTR6ZbNc1zMTDOdSqsGPkWOHWEg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:42 GMT
Cache-Control: no-cache
X-TraceId: adebd3e500483331828b059dd428378b
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 58A3 0
427 B 240ms
141ms Image
text/plain 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-MZt0X1IM1_qDTR6ZbNc1zMTDOdSkj1sAllFo3g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 18:02:42 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 58A3 0
239 B 81ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MZt0X1IM1_qDTR6ZbNc1zMTDOdSkj1sAllFo3g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 58A3
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg%26seg%3D95287

43 B
1 KB

60ms
60ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d944b9d5-44ae-466e-bcd5-08bc25381db3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4b254336-b2de-4338-a437-9792d0ee9b01
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qok9OVIM1_qDTR6ZbNc1zMTDOdRhguvc2aixUg%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 58A3
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

43 B
370 B

15ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1991209
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 202aacbc-6ff4-470e-99b2-839b967533c2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 58A3 42 B
585 B 905ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Jz99XFIM1_qDTR6ZbNc1zMTDOdRYzMYuakI_RA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame 58A3 37 B
140 B 58ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-t8_COlIM1_qDTR6ZbNc1zMTDOdSKRhXns-Rtmw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 58A3 45 B
785 B 202ms
134ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-QafU_lIM1_qDTR6ZbNc1zMTDOdQJ3h4JDruzlQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 25 May 2022 18:02:42 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 25 May 2022 18:02:42 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 58A3
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg&C=1

43 B
1 KB

26ms
23ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 18:02:42 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 25 May 2022 18:02:42 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 58A3 0
238 B 42ms
10ms Image
text/plain 2600:9000:224a:8a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-lHg9Y1IM1_qDTR6ZbNc1zMTDOdQAMvYyo7sR0w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 6cJtL9yFTMflke2oSZtl9hrygq0oVfsMt0An0T_HoGgfE268Gv0kIA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 58A3
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5

43 B
510 B

112ms
112ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e_qYAVIM1_qDTR6ZbNc1zMTDOdTEEeiGt3nhkQ&expires=30&user_group=5
Date: Wed, 25 May 2022 18:02:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 58A3 35 B
336 B 121ms
35ms Image
image/gif 54.77.142.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-32q3ClIM1_qDTR6ZbNc1zMTDOdT1DEtgThKIww
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.142.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-142-93.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 58A3 23 B
172 B 95ms
33ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-scmHUlIM1_qDTR6ZbNc1zMTDOdT5MVQJmx5uBQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 18:02:42 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 58A3 0
99 B 230ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RUuL01IM1_qDTR6ZbNc1zMTDOdQgOBxpvq6mfA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13109

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 58A3 43 B
163 B 117ms
24ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ielR6VIM1_qDTR6ZbNc1zMTDOdQSTe-XGesDmw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 58A3 68 B
262 B 58ms
7ms Image
image/png 18.198.74.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YbcMxlIM1_qDTR6ZbNc1zMTDOdT8CMHSnSn7CQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.74.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-74-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:42 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 58A3
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw

43 B
446 B

33ms
32ms

Image
image/gif

54.155.185.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw
Protocol: H2
Server: 54.155.185.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 18:02:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dXIrPVIM1_qDTR6ZbNc1zMTDOdS7rmIZVKsRZw
date: Wed, 25 May 2022 18:02:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 58A3
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ&_li_chk=true&previous_uuid=7619661fd3ac4179a38b23ca8e4ad6f0
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ

43 B
419 B

287ms
93ms

Image
image/gif

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:43 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eM1mWFIM1_qDTR6ZbNc1zMTDOdRKpadtB9miFQ
Date: Wed, 25 May 2022 18:02:42 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 58A3 43 B
428 B 310ms
98ms Image
image/gif 35.169.111.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-nsmgJVIM1_qDTR6ZbNc1zMTDOdTcyBE9-cPq8g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.111.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-111-138.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:43 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 58A3 43 B
183 B 317ms
93ms Image
image/gif 2600:1f18:612b:4200:ada2:2974:cd33:9395
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-OWyefVIM1_qDTR6ZbNc1zMTDOdRhKnXxY5t1PQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ada2:2974:cd33:9395 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:02:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 58A3
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-eGThtFIM1_qDTR6ZbNc1zMTDOdSjLPVO_jmrRg&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

165ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:43 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1653501763.dop150.fr8.t,1653501763.cds242.fr8.shn,1653501763.cds242.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653501762923012-540
Expires: Wed, 25 May 2022 18:02:42 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 58A3
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

43 B
370 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 18:02:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1339294
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 18:02:42 GMT
X-Proxy-Origin: 217.64.151.6; 217.64.151.6; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 561385d4-4a47-438d-8c9e-7170d34ccfa5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5326292364535777723
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 197ms
197ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A42%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222882%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:43 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 185ms
185ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A43%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223884%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:44 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 417ms
417ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A44%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224885%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:45 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 319ms
319ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A45%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225886%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:46 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 wxbvs5zxy7iy.js Show response
js.driftt.com/include/1653501900000/ 230 KB
66 KB 196ms
127ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1653501900000/wxbvs5zxy7iy.js

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEmtSVtwzlUUZfmUKo8H4EODRo60N2PC_68ZuLkh3TGtG-jjKohL1DJT23qmvpL6kunJ9d6xw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1c50edaeddd7ab7edd65f1afa7a6a50344444ba2dc30a3acaf4108dba45f9a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: moGcpK1.o51Pjwm_aZwe4n1P.xlCYfuH
content-encoding: gzip
etag: W/"8c1f4472b937a197ff43ca59aaa6ef40"
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:37:57 GMT
server: nginx
date: Wed, 25 May 2022 18:02:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0ElZOkpX1TPZC-eUjkPN9b5B3BxWhtSV9r4NTS_6NUiIl7WD4wNiVg==

GET
H2 200 core Show response
js.driftt.com/ Frame B705 2 KB
1 KB 119ms
119ms Document
text/html 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653501900000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 18:02:46 GMT
etag: W/"c5cc57446c6edb7be259f5a4ab764fe9"
last-modified: Tue, 24 May 2022 18:37:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-id: a5dDhzRBWs5uM6g2u_FSVu8u_AUA59mjZt6eL5ckt2YKGHsXpMv6tg==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: S6c.gJrO9DnuwacTy8e5ygVGr5qL0FQc
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3A42 2 KB
1 KB 110ms
110ms Document
text/html 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653501900000/wxbvs5zxy7iy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 18:02:46 GMT
etag: W/"c5cc57446c6edb7be259f5a4ab764fe9"
last-modified: Tue, 24 May 2022 18:37:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-id: rq2ajbRlcL15SnCc9EI8SRnK8P1SwumFx7DnnQn-4tFnn2463Pt8EA==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: S6c.gJrO9DnuwacTy8e5ygVGr5qL0FQc
x-cache: RefreshHit from cloudfront

GET
H2 200 runtime~main.56de3028.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 6 KB
3 KB 7ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:39 GMT
content-encoding: gzip
age: 84308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:20 GMT
server: nginx
etag: W/"c9f879fed0dfb2c4aa2179531702d502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oP.rHtSPpLjoOFTGdvIM9rDFSYBUJPCT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B3iD4jhb3x2858IWPH9gDF7oeoo0Tz9FLWdSZU3bXo5G8BXhx_SRqw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 58 KB
20 KB 8ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2828363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _CrSfqk5NxxmsdMNcXWE6ZAT2SImkOoGJ0Ed9hOww4BeC_wQmncEGA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hc4DVFzcEbPoT0sWQsIxS-yjS-2i7awQLldxJ56TYLEbh1FoPW3hiA==

GET
H2 200 runtime~main.56de3028.js Show response
js.driftt.com/core/assets/js/ Frame B705 6 KB
3 KB 7ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:39 GMT
content-encoding: gzip
age: 84308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:20 GMT
server: nginx
etag: W/"c9f879fed0dfb2c4aa2179531702d502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oP.rHtSPpLjoOFTGdvIM9rDFSYBUJPCT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pDBRBzcFan3r_DA7TZd-sERJJHv8CbDMLk_PtnwVQQq1dd-IykIwgw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 58 KB
20 KB 8ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2828363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XptfqQmdaPBtS38olpN1MMFmZjuXEsYtTsHEh0EP4X02dr0KPrp0sA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 6 KB
3 KB 8ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gU_0NJLMFRaHGfIrLlcDBJiDyjdaCegRRsUVcqnjQKPaZdfO7w3gLw==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 47 KB
14 KB 7ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3870793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V9nxNYbM54ApNOJ3SZamG8_wqLRahXGuxeLjRBsb8iEorTOJHx7e6Q==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 44 KB
13 KB 8ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2575641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Hw4_CZJzeGssjv6yDIuOMfH4BE1Pc7EzaPja_D8F2wl7ej8KCe0Ug==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 25 KB
8 KB 8ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4377353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b2biqz-4Regahn_vOx5XJAAe7OnHt7P8eOFAKWGYkmtU5DdqsqUeKw==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 16 KB
5 KB 9ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 12190145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GqWPuZpDzbZ9Y5PuBulRkdgftgYA9KuQQKxMtAzYfc_k647eEPI36w==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 72 KB
22 KB 9ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4377353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sVTz5SsmWrC3oMkRnYzXebmOCU6XeTpfLJwpm_6EHlu3nfbYHtw2uA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 16 KB
6 KB 10ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lKdT83hFk6oc4yzwjkCPtmRufEzn_1y9
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q0AEq3r8OAh_7L5Lx-y8EaqeCIUYu1e1xtSk_4uLQRlKXEZptzo7AA==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 59 KB
19 KB 10ms
10ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3472657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SLOWPxYz23pAKnBI5or4Mzu4w5aeLjx7Df67_LloIBaoD7vYj78otw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 91 KB
28 KB 12ms
12ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 379tutQ6rjsOEsOx1qJIbbFgFSpxF-PC0V0IWxRMecYFwZ0Bvsmqiw==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 23 KB
7 KB 13ms
12ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1123591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NPDhqf42wJmObVaDoNNxSZdAMFXbSvLnRD5k29c1R6OgAvQM7LUvtA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 62 KB
20 KB 16ms
16ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12190146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wq-jlKIdmbmMoGcngt4WGRaARw13SqaiSg_xL16WPMKwMrA35itPdg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 105 KB
34 KB 17ms
16ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3870793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZQpFwm-6rVpPfgAzKqom9eAH6ag4pi9YzZpqVAWDu5EuRyhyL5AesA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 12 KB
4 KB 18ms
18ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4391421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7IH4XD6BVglgcCM2n0TcIowZu6S06PnY6J8-hCp8_22Gh8HpyjUZRg==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 12 KB
5 KB 19ms
19ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3472657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5VRWdfjprpliNlZ8JycqcHHUvAZQ5vND-N0Y0sKee7qWtuUE9J3lwA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 17 KB
7 KB 19ms
19ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _1Psk68ZbZ_yiQdqxBipP9dAlkcxJHa1I2p5mIVcLHnpDAOQkQ4WIg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 11 KB
3 KB 19ms
19ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MfNMFrIjxcFX9w-nkYwBPoJmlncSRC2XrsQwZ4wmxuXGQiFIqaniiQ==

GET
H2 200 8.8e3b3a7f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 71 KB
22 KB 19ms
19ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.8e3b3a7f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:07 GMT
server: nginx
etag: W/"45dc590878796b9b88476ebcc9b9d3b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmX6mBr67Bd69RMnY4ee.6RCkJcoZI8v
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CUgjz2ZKZvdHOJsOzhSF4OLU2dlmKGLwTYvCwKGM12-jzezZyb9DqA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 24 B
666 B 21ms
21ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
age: 12190146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3uJ1VG5-HXlV7otpBmmH5DmzBAizMqNe9Sdxz3x0QexvrWujYJI3pQ==

GET
H2 200 15.b05dc660.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 78 KB
20 KB 21ms
21ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b05dc660.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"a58ddbf68856497e42c8020066e03bae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LENnMtbvszMAu5pFIofHC0pAI3btFnLS
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QRdP3AqVNcGGb3InbGO6RnK_iNPoJIkeh7uSaoFpJYpMAKhcWzorKg==

GET
H2 200 22.60abd8a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 47 KB
13 KB 23ms
23ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.60abd8a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"285512dbd5a26d7c7928dbb0c2be7b44"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5LiOvAGy9icMMpwC4P8ASiCnJMXQGSFn
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lLHnE04oL-CvHyoK8oXQ8B6BtK0xZUo0efNy2rGf2vjbkl-q85hikA==

GET
H2 200 13.243fc5bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 40 KB
13 KB 24ms
24ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.243fc5bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:40 GMT
content-encoding: gzip
age: 84307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:17 GMT
server: nginx
etag: W/"9b71f6ea4adab29da59549f4ecfc67ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: arck4mGVURGvcibtQLCrC4zg7336hS_N
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: esPkYFI5WCL0rQchE3hF1Rdts-bYD-Pwx3habCWgERQY7GaLQyC_Xg==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 47 KB
14 KB 17ms
4ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3870793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lpJHJf43RpsK8jTGFZI5qQ1r9-XXDniBpLdcdIsjb7EZDY4EK63Lhw==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 44 KB
13 KB 20ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2575641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XDfin_kGIRdk29m6BEBvk_zMMUd_M2en9XaB6NZDmKHZ1eJ6ZxDyIA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 25 KB
8 KB 21ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4377353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oe0JsSuJexbVMKCz2-En2hCn-ZTfbGqovLV3zGsN76Mkhto4W-kD-w==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 16 KB
5 KB 21ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 12190145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5aRzb0axu5PLsJ6wDMa7-x92ROzq3uysH5kkjPaki83kYKBaH_RE4g==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 72 KB
22 KB 21ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4377353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mr1hSIMcNPi1-4MzHFAvS7TYuGTG1x5BkmGVGbTzLSK7qhS7QN9yiA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 16 KB
6 KB 22ms
10ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lKdT83hFk6oc4yzwjkCPtmRufEzn_1y9
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 32jcxfwfMO6EkJmJxHmhkAtbNz63UqN8jL4MU-21StLDZ7qKlUqBtQ==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 59 KB
19 KB 23ms
11ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3472657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uYnDx7tBbClzTZm3WK0soLrTeu3G6N9-zx91UU5sajlyH_6ejLzK3w==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 91 KB
28 KB 24ms
12ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iu3jieRtGpoaXuwvgoUQzCeiWSmWyI0IzwyxDVC9Z4Hij_71sf9_sA==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 23 KB
7 KB 25ms
13ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1123591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bbZ4zkpQK800O19AskocakO1Fkzc4WpCPWnXFPOylC7-KeEgr3UzuA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 62 KB
20 KB 25ms
13ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12190146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mg5rRtStVT4cX4Usjz6-o9UKE2e98pElsHBDynpL8qNo-46VG2lm4g==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 105 KB
34 KB 26ms
15ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3870793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yvNeCzlLl1OEre4IaEOhWPIahzaIjpPIW8G3FNNzxpoKUScW37WBWQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 12 KB
4 KB 27ms
16ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4391421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HngT38nJfpX6jit0jqZeoZhBeDaXMd8F1J_J7gP55eqV2MUAEGNmOw==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 12 KB
5 KB 28ms
16ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3472657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AxWk4jZDj8po7NYJWUEGDt5jwtlt8nEaua_v6HRymb_5Lv-6QD4WQA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 17 KB
7 KB 28ms
17ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a3gknoGqFd8nILoxcuJZD2Uxg0UX0e0auGmDVj7ke_5Vkm9FZZGdrg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame B705 11 KB
3 KB 18ms
6ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BJju9SJPSNU805EQd7WB7NlDxIo8lZb4o-UHmVC7sOtpkVB6ztMhYw==

GET
H2 200 8.8e3b3a7f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 71 KB
22 KB 28ms
17ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.8e3b3a7f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:07 GMT
server: nginx
etag: W/"45dc590878796b9b88476ebcc9b9d3b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmX6mBr67Bd69RMnY4ee.6RCkJcoZI8v
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UDeWzTGTIInBazXhaoB_xHOvEymXAgDrzlU63xB3pwGOTD4-0g07gg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B705 24 B
666 B 18ms
7ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
age: 12190146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SVDd4ObdQrm544KGevMNqxcMKPgVP-uCgmg9ZcoVS-nQ-0J51a3_zw==

GET
H2 200 15.b05dc660.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 78 KB
20 KB 30ms
19ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b05dc660.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"a58ddbf68856497e42c8020066e03bae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LENnMtbvszMAu5pFIofHC0pAI3btFnLS
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ROlic2d3gp-UT3cEM4MI1YRA-aeFWSb5c8ypSJqbeHkikRhrGt-pRw==

GET
H2 200 22.60abd8a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 47 KB
13 KB 28ms
19ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.60abd8a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"285512dbd5a26d7c7928dbb0c2be7b44"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5LiOvAGy9icMMpwC4P8ASiCnJMXQGSFn
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fctnlhVBvBa3G7SNVRRLO4uB5MmwgZKynRdsC7QjBcS5YQzfAqy2DQ==

GET
H2 200 13.243fc5bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 40 KB
13 KB 30ms
21ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.243fc5bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:40 GMT
content-encoding: gzip
age: 84307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:17 GMT
server: nginx
etag: W/"9b71f6ea4adab29da59549f4ecfc67ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: arck4mGVURGvcibtQLCrC4zg7336hS_N
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 24TaGTPKsL9EPhwXUjFM9hUXFigHMfQZpRR76tlyqkVrthnPBa2a8g==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 3 KB
1 KB 7ms
7ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4391421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:17 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o4YHS2mkjmPJ8FYb.psnWR.Z9AgjdeMR
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i_K8w7gNnkRzTfKlAR_JNLh9ZLjcKALu0ZZBkWDKT-xxDgMyXthnxg==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:21:23 GMT
content-encoding: gzip
age: 6280883
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 19:39:00 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nKLZ1eCZgJyATnvQHZL81PT0kMSSnbMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TkAx2nPfwZ4oWbBRmn0lmAi4zpHJRbJeL2qJQ4VbZ43VCbRjAkKtIw==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 192ms
192ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=2d58655f53420000406f8e62da0000000f070c00&session=cd66d8ba-86e6-4f34-876c-0e1298a2b556&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2025%20May%202022%2018%3A02%3A46%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%226889%22%7D&isIframe=false&m=%7B%22description%22%3A%22Get%20all%20the%20information%2C%20research%20and%20resources%20on%20the%20ransomware%20threat%20and%20how%20it%20evolved%20in%20the%20past%205%20years.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Hub%20-%20Check%20Point%20Software%22%7D&cb=&r=https%3A%2F%2Fclick.checkpoint.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.checkpoint.com%2Fransomware-hub%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEmtSVt1ZsHSYUKNO2AFiZ4nzWMe86x75da092TQUYChQrG_DXOdaTFQOY3YZDA4z-zNIVOLTrQC4Sj7Ou5mHmDDvVokhUdxatfR69SlKZZ0RAoLnA&pageViewId=2cb7992f-540d-43ac-83f5-3f19c0f8d9a1&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 18:02:47 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3bdRUulv4xfP0jB1krSIEapbFvtuaGBlWKW23d9DTy5JvJ8WD8Dtxw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 33 KB
10 KB 8ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4391421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a3BQle67ksky2OdWiFGwNtrrOkMNKiofx1GFpHxtXyFGVn02x7H5lw==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame B705 8 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Yw4dEFczUjGKvjvS8RVZki_SV8inukYJ
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eG2VLwczHCTl63EF30ZaHTKkQXeMj0QDqNnk55H7TQeAnVRjllQZSg==

GET
H2 200 25.17da01e8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 12 KB
5 KB 9ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.17da01e8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
content-encoding: gzip
age: 1810167
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 18:28:30 GMT
server: nginx
etag: W/"d395884071f100b30a64f9bd39a2f10f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04iRp8gDacN_nR2237idSokHftX5jSZO
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9_78o1951A9CTur7N160qkuI4JaO69cb7ro_fNKNQR5btT0qfMqx8Q==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame B705 365 B
1006 B 9ms
9ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tRjk6cN__en9zQ17pHacKWxyrLtw-Tprxuq1pgjV4w7fp25HyUEdiQ==

GET
H2 200 17.0057716c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B705 86 KB
24 KB 9ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.0057716c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

466e779f85a3564bff7af2474f05fb2b70e2535805e3f707c7d521c24fbad241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=wxbvs5zxy7iy&region=US&forceShow=false&skipCampaigns=false&sessionId=72702725-10c7-42a4-aabf-c7b3cc7c5e9c&sessionStarted=1653501766.354&campaignRefreshToken=3b3eec2c-4434-4b56-a71d-7bf696cbf9c0&hideController=false&pageLoadStartTime=1653501759796&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:58:21 GMT
content-encoding: gzip
age: 439466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 15:32:34 GMT
server: nginx
etag: W/"7f01e823ee3c09f0ede254bc3383b747"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ag_VnHQVWHWsdFwJ39hYWanc.pHSCCnB
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CWAvPG-kBqA15Ss7z7yVOGfwdtk7LGB6IJMGG_rdwzDf3rk8CS4s3g==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 9 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jtkEOWDMkFbfztzWGiM-eTwgC2xRHvEeA9vPAAlXwP0-XLg_hssP-g==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 7 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eJJ8iIcGQeeOyHqQZhPH9NjVmZe46DWE
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AoZbDmNUHGCpirDu7kEcDe1uyBGy5g1WyMUSf_jYeI9XCvHiZ2uFJA==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 54 KB
16 KB 9ms
9ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:30:53 GMT
content-encoding: gzip
age: 4645914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:22 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk3GS24HgDEmPXUslSsjyTbGLAUWg7zo
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JW0BIdqCwzm0IAfeZMFprKqCNFqwveArlUr8etC6CrV6o7-x7zMseA==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 43 KB
7 KB 10ms
9ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 1998024
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4-XmuBaYhyNAjYAwafe2GFN9INNoQvjZKDS6FGn6feLDKn14b-9aOg==

GET
H2 200 1.af2c0498.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 73 KB
25 KB 10ms
10ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.af2c0498.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e1e4797eacb227503cef66a6fbd3d16197aacdcfb52b915c9dd5de35d20973ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"06c00cd10988050423566fb804ecaca2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bkKzkpW1r..rd9z2pPD3kv.guYN7Upim
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l2DBsugTYyY31YjWjRu0PfqBfJyR0D9F9I6LGyjmfeLoPk0hHWo8rQ==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 3A42 12 KB
3 KB 12ms
12ms Stylesheet
text/css 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5047120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pHw9X_j3lnHYAPELEWozrhov_rOIKMZh
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2zvmDN7xw6ZZXZ3moVWOLemMf8zZ3jCPleD3AU8OFIp2fTCE93EyYQ==

GET
H2 200 30.c3864c88.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3A42 11 KB
5 KB 12ms
12ms Script
application/javascript 143.204.215.12

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.c3864c88.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653501759796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 605137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: C5YkLjESeiAIo2wT8c7vzTOlJV8QbN5A
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o9XiOZoR8WLuqzV-1eJ6_CM4bcrtAgMGH6Zg-J3Ha9XF7FuMEykSBQ==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 320ms
101ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 25 May 2022 18:02:47 GMT
requestid: driftfa1552d41cab712a19bb952e10a
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame B705 25 B
122 B 110ms
110ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 18:02:47 GMT
server: istio-envoy
requestid: 89a9e0b0671ad04
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame B705 147 B
245 B 101ms
101ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

da1cd6a04e9f679e21485036ad9e2ad2732661b465998b75ff9a18339281c65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 18:02:47 GMT
server: istio-envoy
requestid: 967e8e465e5a0ff0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 343ms
104ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 25 May 2022 18:02:47 GMT
requestid: drift4447c1c43b1bcdbf706366b3657
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:01:33	Name: _li_ss Value: MgkI_____wcQrxI
.click.checkpoint.com/	1970-01-20 03:18:23	Name: __cf_bm Value: lzuxgcb5R0KN99OKWR7UapWBTquTlpl1itJWqYZTEMQ-1653501756-0-ATzbi9LPM4kSD4xYvatFeQE1x7enZLkrP4JXTZ4A5lNaKX8IRKYiGBkztpgBZ3Jzo1xeWCwHRoz5ygu7jbsY1jE=
www.checkpoint.com/	1969-12-31 23:59:59	Name: ROUTEID Value: .4
.6sc.co/	1970-01-20 20:49:33	Name: 6suuid Value: 2d58655f53420000406f8e62da0000000f070c00
.checkpoint.com/	1970-02-26 08:06:21	Name: BE_CLA3 Value: p_id%3DR88A4LRANPN4R6J8APPP82N4RAAAAAAAAH%26bf%3D2d44afda590c9017234292a6b232b6fc%26bn%3D1%26bv%3D3.44%26s_expire%3D1653588160222%26s_id%3D888A4LRANPN4RNLNPNLP82N4RAAAAAAAAH
.checkpoint.com/	1970-01-20 20:49:33	Name: _ga Value: GA1.2.417218361.1653501760
.checkpoint.com/	1970-01-20 03:19:48	Name: _gid Value: GA1.2.623492045.1653501760
.checkpoint.com/	1970-01-20 03:18:21	Name: _dc_gtm_UA-194688-3 Value: 1
www.checkpoint.com/	1970-01-20 20:49:33	Name: _gd_svisitor Value: 2d58655f53420000406f8e62da0000000f070c00
www.checkpoint.com/	1970-01-20 03:28:26	Name: _an_uid Value: 0
www.checkpoint.com/	1970-01-20 20:49:33	Name: _gd_visitor Value: e168bcf1-d426-408f-88cf-a0c97a122200
www.checkpoint.com/	1970-01-20 03:18:36	Name: _gd_session Value: cd66d8ba-86e6-4f34-876c-0e1298a2b556
.checkpoint.com/	1970-01-20 20:49:33	Name: trwv.uid Value: checkpoint-1653501761210-5c6cb25a%3A1
.checkpoint.com/	1970-01-20 03:18:23	Name: trwsa.sid Value: checkpoint-1653501761212-57972b4b%3A1
.checkpoint.com/	1970-01-20 05:27:57	Name: _fbp Value: fb.1.1653501761235.568757655
.t.co/	1970-01-20 20:49:33	Name: muc_ads Value: 3ef2aea6-326e-4bf4-80e0-28a706a1591f
.linkedin.com/	1970-01-20 04:01:33	Name: UserMatchHistory Value: AQKh47WkisQgnwAAAYD8YpcxYauT_gTL9RYMuzTOZU4CMpxhSUwZZ8alRGRUAn9VTadoMUFcijIFLg
.linkedin.com/	1970-01-20 04:01:33	Name: AnalyticsSyncHistory Value: AQJN78j2W0IYTQAAAYD8YpcxuRWFvhHV5jbTLthlqcEOciBdxadzjeAV8IrD7PbkoRUcv1G1REfABlwHeVc3_A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:50:15	Name: bcookie Value: "v=2&4e0a14c9-4c8f-447d-8132-f7564c3e5ba3"
.linkedin.com/	1970-01-20 03:19:48	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2679:u=1:x=1:i=1653501761:t=1653588161:v=2:sig=AQHLfmKaEfb5fuMFOwpnu3EZlArtz93b"
.facebook.com/	1970-01-20 05:27:57	Name: fr Value: 0xXuisCbc4XWNp3vb..Bijm9B...1.0.Bijm9B.
.checkpoint.com/	1970-01-20 20:49:33	Name: _mkto_trk Value: id:750-DQH-528&token:_mch-checkpoint.com-1653501761508-27453
.twitter.com/	1970-01-20 20:49:33	Name: personalization_id Value: "v1_vTMOipRDCgXWKJUmjbFOOg=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:50:15	Name: bscookie Value: "v=1&2022052518024107dfc9e5-f808-4ca2-8cba-1acac707dc4dAQHWhLmsKjAwgpayKRBwFwh56wD2rB3_"
.linkedin.com/	1970-01-20 20:47:04	Name: li_gc Value: MTswOzE2NTM1MDE3NjE7MjswMjEVxdEGj5o83V8bkOwhuSPHsybGYiwKYc7AqGzUb6KN4w==
.criteo.com/	1970-01-20 12:39:57	Name: uid Value: ab633967-d85a-483e-9cab-b175bf05936c
.checkpoint.com/	1970-01-20 12:03:57	Name: trd_cid Value: 16535017617232514
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gavid_2336 Value: 16527711083794484
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gvid Value: 16527711083794484
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_vid_2336 Value: 2336%3A16527711083794484
.checkpoint.com/	1970-01-20 12:47:45	Name: cto_bundle Value: Df81YV9wNm9FT2Vsd1VJYVg2NkVBYzZ5b1FnMmg1UzR6QnpTN0Q5c25YMjNXZEJ1UGtRUnp6RW9zMFJPTk95aEVKbHVUU1d3Y3Q5VVBLJTJCN1k4VWhFempNZVd3d3JvNzlrQjFYdHRVYk9KWXhDUEIxQUElMkYxZiUyQkFaZTAlMkZXRSUyQm44U0Y4bWlLNThSTFhjU1plJTJGa2hpOTZIYUlWRnclM0QlM0Q
.checkpoint.com/	1970-01-20 12:03:57	Name: trd_vid_l Value: 2336%3A16527711083794484
.checkpoint.com/	1970-01-20 12:03:57	Name: trd_vuid_l Value: -967594124317174607
.checkpoint.com/	1970-01-20 12:03:57	Name: trd_first_visit Value: 1653501762
.checkpoint.com/	1970-01-20 12:03:57	Name: trd_pw Value: 1
.checkpoint.com/	1970-01-20 03:18:23	Name: trd_pws Value: 1
.checkpoint.com/	1970-01-20 03:18:23	Name: trd_sid Value: 16535017618920320
.checkpoint.com/	1970-01-20 03:19:04	Name: trd_ma_cookie Value: aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjUzNTAxNzYxNTA4LTI3NDUz
.rlcdn.com/	1970-01-20 12:03:57	Name: rlas3 Value: 9O5+hXisbLerVLymMZxZSLOTic3x9o+ViPxBJBE+McA=
.rlcdn.com/	1970-01-20 04:44:45	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 12:39:57	Name: IDE Value: AHWqTUnUU44e_7N-iCil9HnRsPffDPgQX0jlscv3smNvEpopvGx1Q0aFpn2sPKMfLAs
.adnxs.com/	1970-01-20 05:27:57	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb8u`ad8!@wnf-Te9(>wL5L!!'GV$d5rX
.adnxs.com/	1970-01-20 05:27:57	Name: uuid2 Value: 5326292364535777723
.yahoo.com/	1970-01-20 12:04:19	Name: A3 Value: d=AQABBEJvjmICEH2EofB_TwHP4CfEiji0hXwFEgEBAQHAj2KYYgAAAAAA_eMAAA&S=AQAAAs5V4bYk3mwlJ-j4YTNkBig
.analytics.yahoo.com/	1970-01-20 12:03:57	Name: IDSYNC Value: 18zh~2536
.casalemedia.com/	1970-01-20 12:03:57	Name: CMID Value: Yo5vQrNOOAuS0vqad.3JcgAA
.casalemedia.com/	1970-01-20 05:27:57	Name: CMPS Value: 5200
.addthis.com/	1970-01-20 12:39:57	Name: ouid Value: 628e6f420001174774589b6f7913fd7f48e3dabd4755b92ae201
.addthis.com/	1970-01-20 12:39:57	Name: uid Value: 628e6f42b6055c66
.addthis.com/	1970-01-20 12:39:57	Name: na_id Value: 2022052518024274800758272646
.casalemedia.com/	1970-01-20 05:27:57	Name: CMPRO Value: 1132
.casalemedia.com/	1970-01-20 12:03:57	Name: CMRUM3 Value: 14628e6f422760k-OvcqLlIM1_qDTR6ZbNc1zMTDOdS8y9dLAhXiKg
.casalemedia.com/	1970-01-20 03:19:48	Name: CMST Value: Yo5vQmKOb0IA
.revcontent.com/	1970-02-07 09:18:21	Name: __ID Value: f7fb1be8b8384b21955c98af8000c84c
.revcontent.com/	1970-01-20 04:01:33	Name: v1_151 Value: 1
.sharethrough.com/	1970-01-20 04:01:33	Name: stx_user_id Value: 89cb88b2-ab52-4dac-b870-70c995684589
.media.net/	1970-01-20 12:03:57	Name: visitor-id Value: 2965033628883848000V10
.media.net/	1970-01-20 04:01:33	Name: data-c-ts Value: 1653501762
.media.net/	1970-01-20 04:01:33	Name: data-c Value: k-QafU_lIM1_qDTR6ZbNc1zMTDOdQJ3h4JDruzlQ~~3
ads.stickyadstv.com/	1970-01-20 04:01:33	Name: UID Value: 5d9e7943fe564892b1305cf776db71
ads.stickyadstv.com/	1970-01-20 04:01:33	Name: uid-bp-11554 Value: k-eGThtFIM1_qDTR6ZbNc1zMTDOdSjLPVO_jmrRg
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: f8b3209cc83b7513773f2df5d2adff5
.outbrain.com/	1970-01-20 05:27:57	Name: obuid Value: 974685d3-d120-42be-b4d7-2f8abd7db2e8
.outbrain.com/	1970-01-20 03:47:09	Name: criteo Value: k-WhKIslIM1_qDTR6ZbNc1zMTDOdSqsGPkWOHWEg
.360yield.com/	1970-01-20 05:27:57	Name: tuuid Value: aeb253a7-d491-436f-ad87-c237e86b01b7
.360yield.com/	1970-01-20 05:27:57	Name: tuuid_lu Value: 1653501763
.360yield.com/	1970-01-20 05:27:57	Name: um Value: !38,U.-hg0Nsswtsk7hPc5.oAIYM3.blE9tRplLyvUyR8Ff1-YxWQjJbhLnFVCG50MxyejsdqQVR,1661277763
.360yield.com/	1970-01-20 05:27:57	Name: umeh Value: !38,0,1715709763,-1
.bidswitch.net/	1970-01-20 12:03:57	Name: tuuid Value: c134e427-8d00-4726-bb68-9837e6e1f980
.bidswitch.net/	1970-01-20 12:03:57	Name: c Value: 1653501763
.bidswitch.net/	1970-01-20 12:03:57	Name: tuuid_lu Value: 1653501763
.postrelease.com/	1970-01-20 12:03:57	Name: opt_out Value: 1
.liadm.com/	1970-01-20 20:49:33	Name: lidid Value: 7619661f-d3ac-4179-a38b-23ca8e4ad6f0
.pubmatic.com/	1970-01-20 04:01:33	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Jz99XFIM1_qDTR6ZbNc1zMTDOdRYzMYuakI_RA&KRTB&23144-uid:k-Jz99XFIM1_qDTR6ZbNc1zMTDOdRYzMYuakI_RA&KRTB&23286-uid:k-Jz99XFIM1_qDTR6ZbNc1zMTDOdRYzMYuakI_RA&KRTB&23287-uid:k-Jz99XFIM1_qDTR6ZbNc1zMTDOdRYzMYuakI_RA
.pubmatic.com/	1970-01-20 04:01:33	Name: PugT Value: 1653501763

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-vtRcX4f6+UGu4hKnkacQDZtB6lD5mNzjvcYsCiZsoJ8=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750-dqh-528.mktoresp.com
a1.b0e8.com
abrtp1-cdn.marketo.com
abrtp1.marketo.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
analytics.twitter.com
assets.trendemon.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
c.aaxads.com
cdn.b0e8.com
cdn.stickyadstv.com
click.checkpoint.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
epsilon.6sense.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
ipv6.6sc.co
j.6sc.co
jadserve.postrelease.com
js.driftt.com
marvel-b2-cdn.bc0a.com
match.sharethrough.com
metrics.api.drift.com
mug.criteo.com
munchkin.marketo.net
partner.mediawallahscript.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtp-static.marketo.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
t.co
trackingapi.trendemon.com
trends.revcontent.com
ups.analytics.yahoo.com
widget.us.criteo.com
www.checkpoint.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.17.72.206
104.244.42.67
104.244.42.69
104.92.106.130
104.92.72.193
104.92.74.202
104.92.90.132
13.107.42.14
141.226.228.48
143.204.215.12
172.217.23.98
178.250.0.147
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.198.74.136
18.66.248.12
184.30.21.112
185.33.221.13
185.33.221.90
185.64.190.80
185.86.139.115
192.28.144.124
192.28.144.84
199.232.188.157
2.18.232.170
2001:4de0:ac19::1:b:2b
212.82.100.181
23.205.241.117
23.35.228.23
23.35.236.247
2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
2600:1f18:612b:4200:ada2:2974:cd33:9395
2600:9000:224a:8a00:1b:5138:8a40:93a1
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:809::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:581::38f0
2a02:26f0:3500:695::1c91
2a02:26f0:f7::5c7b:e019
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.251.15.4
34.111.78.58
35.169.111.138
35.190.5.192
35.201.125.192
35.211.178.172
35.244.174.68
52.2.34.196
52.57.195.65
54.147.21.139
54.155.185.156
54.157.244.245
54.77.142.93
64.202.112.191
69.173.144.138
74.119.119.150
76.223.111.18
0180b3a38826096676a67f9d0b80d42e56aed9812132be9a82ae399fe81c9a3b
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
031aad3db44fe58046297e5951b04c3c0b2623eddec886b8be9742c8042f07e7
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0c4dd35f3c71a799eabddd264a881c8ba549902169c711cd3933cc3fd284eedd
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110a1679d0432414df7092de396478b464cdc9a9b9a63b5d99e5f714c396494d
12f810b36acfd6e72034189c13f6948d7f45a882aaa59d1b4f51a4111ae40c3e
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
159f03a49a3ace39c2c92b2c5f7f167ac25b1eea9cdc8c82663ddd323eab300f
1c50edaeddd7ab7edd65f1afa7a6a50344444ba2dc30a3acaf4108dba45f9a9d
1ca794e34a83e8bb73591e69a115a4c79ca95a9b5cb7490fb5cd394d9c785926
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2917513984c339c5946ececee6f277a23f473d48f103277125c8ab76d3f32f44
2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aeb673fe2b9306685d2fd56e31b580f11ea3026b98bf91154e4c4d6b05f1a04
3036c475db3d283cc40091d6d5c2548f8ff0dfb54ec7ed2604415c25d9fb9aa6
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
3538a17fba55759f561d59c1b65f09aec92be1c62cb0bbbc3181be67b25035a5
3580a7e0b1176f1b1e4b56d53c9afa16a6216a9a55a3d7137724fef483ddf57c
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
36f1424801454286bc6ac1c050b265153946788347127cc99886e2bbaf96f479
3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
466e779f85a3564bff7af2474f05fb2b70e2535805e3f707c7d521c24fbad241
492acd3291329d030fc9a8f9a4d167b7492eb1d09546d0cfd0297a5d1f6c5fe1
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
49ded3dad8a2610502801141b12e3bb5306cbd97ee8c9d03fb136f637329c0c5
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4ae30664ee32c3fa8cf563f0e54db8d4fac1fb5f3b97a1bff75628cc7291c640
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd00fd1cb5818aae2eed90a41d1a5d964f72f4efea6706bddabd81172308fc4
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec514520a1af2f30402164d9821139e1ccde80d741c91a5eb396a365663ac71
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
529f79ace9dd01356aaf171a9b9eb6e09e98155ae4a31f1f5d2472027c8a2a88
543e9a3149e881d19f5632d44718fd2f54229a9ea7c6098cf5af5b6f61382f72
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e5ce8f8dc92a2cd7ae4b18a9798583a8c6439ffab509b94a1f685a3293182e
55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
5b21d4493859c5cee92630577f0f71b4fbed0fe382227db727cca346cd2bfa4d
5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5fc263881942c97fd96f13e38c009bfdac9a88fd70c8430c6e649876ad1224fa
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a2c41ce976dc3f6ee3dea1efac5041aed2ce99c702bf1d0ef05afef41348ab
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5e10908ab2815bb73aacc782ad91dae2c9bb32a1570706cb4832340c138210
6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce
7003b61166e5a477a9b5880cafe0a0420fef0af9e35562f81488c3b4c76cb156
70cf8868c462616148c1134976fe8aca3abd1cd0f2a024fcd06383c0942ea970
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
76911468519fda64950773694e032587649fe089cf454e1f4afa005cd191772c
76bd7f0e3e6d502ee1fbeec5eeb367d10c8a6ec592f394c63d4da34cc6775120
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
7acd4f195f32c0ae9a8ce20c6e2f80e1175ee3df9e93b26dcdd068b7b51a0ee0
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
886e3f30dbb7409564533a2a3b9ce7eec26f2d8c2c847b1c84c2a2159b9c7237
888792e0dc7bf69a3ba98c2ecea2550bfc7bc45268200c560dfa17d9068c56d1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
8f6426256e7864999367d58f29d48b363405351b79870cea9bfbcf72804db30c
8f8ff336890ffb3e3eafcbe5f3f940b8e4d7c96fa0b7e1848e9585fffb504ce0
934244840bf2571c32d28290e52375b6a65ea5507ff7d2073c9223cebb4500a7
945c48407720ae91103b34e610ba4c784e24aa13229ebd27ef90297c201da869
960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506
965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13d9dd0836589e4dc2fbc969bf660189d53a47399e3fd262d52a150157faa7e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a68195b8cc14956be9352ca6f989f4e617912533b10ad404c36ce05a7b66c2a8
a7d7aa09becb2494f61a590c32dd433a7b0daf2bddf29c5f622ac84a4c197007
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe80b202ed02211f0433bf62aa03d06591bc8c53d23e9035eba75d0ef007195
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b9d991f032b0f626a8b215af39aaae7ad4e1e262c9fad049b6f12a4fe7afb9bc
ba3ee5f14a9e7a6db70705c4f637491f8e8ed314e424c5e4d8c259279109778b
bab4d95c3b1a677e3bc5c976e207d9a7189a14db8944c126474373f4cb9d91bd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4
c06e50be9785b2ecca8f34578f99526923c2b7949f4940c1fa9d9f8e73e86cd8
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc003d6679c6fb373fd5f68509b9f2675c0a6fadd4bd18ce3c5d6c002dbdbc5c
ccfd32a1781e0709a7195f5e8ee573fec6964f3bab44a2a3e1fddd937efe64f6
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a
d72e8b84525600450e9837b01aec462c22797e4215e93c8b5a3ad74043c2b23a
d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9
da1cd6a04e9f679e21485036ad9e2ad2732661b465998b75ff9a18339281c65e
db88325fa6929dcaa0710abf0da2dd7ed76fead6e51686fa549aa491b7af9db3
dbe21e52a3bece482d1926be6552a78708b61638973993dcd87132e97d9bec38
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df57e91df9c55b9cd4ab753defd0501172b07f2773b9956bf5b7c45905146520
dffec3dc6c396a048f1a0a2f2da900772e5e2f0d7b7a27b35f7e3f68a5480bf1
e0223849b23778efe4bbcfd91745b8116ded9f452974b16de2ad94e34e4be9c7
e0969d7897decd41afde0a8e05458d95d1550e88e5d55bc96f80f71a71f74130
e1c835fc1b9ca93c23a6b79c3cf39f0dcf308018e4da4025ed40b0ae70b589ca
e1e4797eacb227503cef66a6fbd3d16197aacdcfb52b915c9dd5de35d20973ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e85c04591f51241a28edb37fbf58810b899d373572712830c70a0acdca77af48
e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee632663fb7376a2b1979fa0edf11dacacefbb1a118d0b651afb6e1107b611f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f0b2c19f3856317ebaac965fe06e444984027e9a99ac1aefe4093db25be4b3e3
f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd
f1b26bb78ff53f12f333d950da9298866e0026bbffbb46adac843cabc26b90ce
f81f3e3a6ca2e84742c2be859f6c894f5d47b024ef63bb718c645d6b9daafefd
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034
fb8acb6ca1149529e5e25600bfaaa2aa77a353369dd5c8f63869f63a42279db4

www.checkpoint.com Open in urlscan Pro 2a02:26f0:3500:581::38f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

93 %HTTPS

28 %IPv6

50 Domains

72 Subdomains

61 IPs

8 Countries

2602 kBTransfer

6180 kBSize

77 Cookies

44 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.checkpoint.com Open in urlscan Pro
2a02:26f0:3500:581::38f0 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

93 %
HTTPS

28 %
IPv6

50
Domains

72
Subdomains

61
IPs

8
Countries

2602 kB
Transfer

6180 kB
Size

77
Cookies

215 HTTP transactions
0 data transactions