www.cybereason.com Open in urlscan Pro
45.60.64.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43M...
Effective URL:
https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p...
Submission: On June 30 via manual (June 30th 2022, 8:11:07 pm UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 61 IPs in 5 countries across 46 domains to perform 207 HTTP transactions. The main IP is 45.60.64.106, located in United States and belongs to INCAPSULA, US. The main domain is www.cybereason.com. The Cisco Umbrella rank of the primary domain is 507703.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 6th 2022. Valid for: a year.

This is the only time www.cybereason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1e69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	45.60.64.106 45.60.64.106	19551 (INCAPSULA) (INCAPSULA)
15	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1494	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	65.9.66.112 65.9.66.112	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
62	143.204.215.62 143.204.215.62	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	34.192.106.225 34.192.106.225	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.43 143.204.215.43	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.10 143.204.215.10	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	143.204.215.25 143.204.215.25	16509 (AMAZON-02) (AMAZON-02)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:401... 2a00:1450:401b:807::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
2 2	52.16.40.114 52.16.40.114	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.215.97 143.204.215.97	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	143.204.215.82 143.204.215.82	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	99.80.161.153 99.80.161.153	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:27::... 2620:1ec:27::cafe:1806	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 2	18.185.197.79 18.185.197.79	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
2	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
207	61

2 2606:4700::6812:1e69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cpjwr04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 45.60.64.106 (United States)

ASN19551 (INCAPSULA, US)

www.cybereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

3354902.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1494 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

10272547.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10428681.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-112.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a27 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.215.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-62.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.106.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-106-225.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-43.fra53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-10.fra53.r.cloudfront.net

px.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-25.fra53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:401b:807::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.40.114 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-40-114.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.97 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-97.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-82.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1806 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.197.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-79.eu-central-1.compute.amazonaws.com

dpx.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 5492	723 KB
22	cybereason.com www.cybereason.com — Cisco Umbrella Rank: 507703	7 MB
15	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 6870	57 KB
12	doubleclick.net 5 redirects 10272547.fls.doubleclick.net 10428681.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	10 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 595 p.typekit.net — Cisco Umbrella Rank: 706	142 KB
9	google.de www.google.de — Cisco Umbrella Rank: 5448 adservice.google.de — Cisco Umbrella Rank: 7751	2 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92 region1.analytics.google.com — Cisco Umbrella Rank: 5133	5 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5864 bootstrap.api.drift.com — Cisco Umbrella Rank: 6095	454 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 b.clarity.ms — Cisco Umbrella Rank: 5183 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
5	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5854 track.hubspot.com — Cisco Umbrella Rank: 2144 forms.hubspot.com — Cisco Umbrella Rank: 3073	3 KB
5	gstatic.com fonts.gstatic.com	125 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	4 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 987	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	67 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307 fonts.googleapis.com — Cisco Umbrella Rank: 71	35 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1198 api.company-target.com — Cisco Umbrella Rank: 2674	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2733 www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	airpr.com 1 redirects px.airpr.com — Cisco Umbrella Rank: 14403 dpx.airpr.com — Cisco Umbrella Rank: 11715	3 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	18 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 408	2 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3264	267 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 474	1019 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2612
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 12693 apt.techtarget.com — Cisco Umbrella Rank: 16054	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	156 KB
2	hubspotlinks.com 1 redirects cpjwr04.na1.hubspotlinks.com	3 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 635	98 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1534	157 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	354 B
1	t.co t.co — Cisco Umbrella Rank: 455	338 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4449	19 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 27032
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4992	110 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9679	2 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2614	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	957 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5501	1 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1395	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4068	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	20 KB
1	hubspotusercontent-na1.net 3354902.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 920877	548 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
207	46

	Domain	Requested by
62	js.driftt.com	cpjwr04.na1.hubspotlinks.com js.driftt.com
22	www.cybereason.com	cpjwr04.na1.hubspotlinks.com www.cybereason.com cdn2.hubspot.net
15	cdn2.hubspot.net	www.cybereason.com
9	use.typekit.net	www.cybereason.com
6	www.google.de	www.cybereason.com
5	www.google.com	2 redirects www.cybereason.com
5	fonts.gstatic.com	fonts.googleapis.com
4	metrics.api.drift.com	js.driftt.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com www.cybereason.com
4	10272547.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	track.hubspot.com
3	adservice.google.de	adservice.google.com
3	adservice.google.com	10272547.fls.doubleclick.net 10428681.fls.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.cybereason.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	fonts.googleapis.com	cdn2.hubspot.net
2	bootstrap.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	secure.adnxs.com	2 redirects
2	dpx.airpr.com	1 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.cybereason.com www.google-analytics.com
2	b.clarity.ms	www.clarity.ms
2	pixel.sitescout.com	www.cybereason.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	segments.company-target.com	1 redirects www.cybereason.com
2	match.prod.bidr.io	2 redirects
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	px.ads.linkedin.com	2 redirects
2	10428681.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.cybereason.com www.googletagmanager.com
2	cpjwr04.na1.hubspotlinks.com	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	c.bing.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	in.hotjar.com	script.hotjar.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	www.cybereason.com
1	vars.hotjar.com	static.hotjar.com
1	apt.techtarget.com	www.cybereason.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	alb.reddit.com	www.cybereason.com
1	analytics.twitter.com	www.cybereason.com
1	t.co	www.cybereason.com
1	px4.ads.linkedin.com	www.cybereason.com
1	www.linkedin.com	1 redirects
1	px.airpr.com	cpjwr04.na1.hubspotlinks.com
1	tag.demandbase.com	cpjwr04.na1.hubspotlinks.com
1	lltrck.com	cpjwr04.na1.hubspotlinks.com
1	fast.wistia.com	www.googletagmanager.com
1	up.pixel.ad	www.googletagmanager.com
1	cdn.pdst.fm	cpjwr04.na1.hubspotlinks.com
1	trk.techtarget.com	cpjwr04.na1.hubspotlinks.com
1	js.hs-scripts.com	www.googletagmanager.com
1	ws.zoominfo.com	cpjwr04.na1.hubspotlinks.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	js.hsleadflows.net	www.cybereason.com
1	js.hs-banner.com	www.cybereason.com
1	js.hs-analytics.net	www.cybereason.com
1	p.typekit.net	www.cybereason.com
1	app.hubspot.com	www.cybereason.com
1	3354902.fs1.hubspotusercontent-na1.net	www.cybereason.com
1	cdnjs.cloudflare.com	cdn2.hubspot.net
1	ajax.googleapis.com	www.cybereason.com
207	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
*.cybereason.com GeoTrust RSA CA 2018	`2022-04-06` - `2023-05-07`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2021-07-25` - `2022-08-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.airpr.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Frame ID: 32ED129421B6CC07804713495B03130E
Requests: 126 HTTP requests in this frame

Frame: https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: CF5B18A4BE97700A8B9497FF7AFEAD7E
Requests: 1 HTTP requests in this frame

Frame: https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: 467371002A868FED97824670816EA8AA
Requests: 1 HTTP requests in this frame

Frame: https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: C30B9649B6EF0AA7989E9FC70113A2B7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: D2FA4D40E684B20F49C0106B95986DFC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=507462be-0354-4d00-aa59-5860cfd31aaa&no_iframe=1&mt_adid=241675&source=mathtag
Frame ID: 567C393F575EA0E3F4442747469D0828
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: 654F5B5810945568C82BC868116791EA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: C8C3143A0BC417C58E233BEE732AFB49
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: A58DC0FA60E674DCB61C992DCBC0B6AB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: 72C86BF2C8E539F0BA6E97163FB174DF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: A2D867051B71CB5638B29DB99F3C0829
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Frame ID: 64D7413713815C55D5EBC1FB89D5F96C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: BCA186E3B03E9BE4FA9A0724AA40B6C7
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 0CF17BCB9C01845ADABAF189D35F576B
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
Frame ID: 81FF256CDBE08185522C1E56524A935C
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Hunter Attack Simulation | June 30th

Page URL History Show full URLs

https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7C... Page URL
https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7... HTTP 307
https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsm... Page URL

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+bulma(?:\.min)?\.css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

97 %
HTTPS

52 %
IPv6

46
Domains

69
Subdomains

61
IPs

5
Countries

8915 kB
Transfer

13585 kB
Size

54
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Cybereason/

Search URL Search Domain Scan URL

URL: https://twitter.com/cybereason

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOm7AaB0HiNH4Phe66sK0Ew

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybereason

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cybereason

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1 Page URL
https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1?_ud=377095cb-d53a-49c0-a8a8-aeebc23e9098&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email HTTP 302
https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Request Chain 68

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email HTTP 302
https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Request Chain 69

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email HTTP 302
https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Request Chain 83

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_campaign%3DAttack%2520Sims%26utm_content%3D217950972%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D217950972 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1656619860586%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fattack-sim%252Fhunter%252Fus%252F063022%253F_hsenc%253Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%2526utm_campaign%253DAttack%252520Sims%2526utm_content%253D217950972%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526_hsmi%253D217950972%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_campaign%3DAttack%2520Sims%26utm_content%3D217950972%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D217950972&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_campaign%3DAttack%2520Sims%26utm_content%3D217950972%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D217950972&liSync=true&e_ipv6=AQI6jkhUXDWMZwAAAYG2PQTQR5MY136dfQPZJdeYrrVHljbPnHxTOe7tnyTS49hKtcMcYTe1

Request Chain 101

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw&verifyHash=c230d55b48adc9a27f723b3b9fe60fe93498c514

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VAO-YueSLLiP9fgPrYab4AM&sscte=1&crd=&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_ihW20QYz7xn9lsOjSR_6BxnifOctKq1UQ HTTP 302
https://www.google.com/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YueSLLiP9fgPrYab4AM&cid=CAQSKQCNIrLMPJSxnwd85CSTwyHi9hJMQBNXTiJwKIaRDYMYhv1SZCPUuq2M&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_jUsdJRCU4skBECrGc3nBL97e9ofw9tONM&random=2472066897&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YueSLLiP9fgPrYab4AM&cid=CAQSKQCNIrLMPJSxnwd85CSTwyHi9hJMQBNXTiJwKIaRDYMYhv1SZCPUuq2M&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_jUsdJRCU4skBECrGc3nBL97e9ofw9tONM&random=2472066897&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 105

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VAO-YvCQLP2H9fgPlZ25oA8&sscte=1&crd=&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_hiywFeEtD8bWG_aVhQ_1FUZUvH7JoARCg HTTP 302
https://www.google.com/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YvCQLP2H9fgPlZ25oA8&cid=CAQSKQCNIrLMtoHhz-9fuOJh1ksFm0-tdHaBWiNJ0G5RROsh1sysfvrQ7ljL&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_gTOcs2uKBChtMV0F74p-ZpHJwhIA-u9fE&random=298343462&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YvCQLP2H9fgPlZ25oA8&cid=CAQSKQCNIrLMtoHhz-9fuOJh1ksFm0-tdHaBWiNJ0G5RROsh1sysfvrQ7ljL&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_gTOcs2uKBChtMV0F74p-ZpHJwhIA-u9fE&random=298343462&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 132

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&an=true HTTP 302
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4738218859 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4738218859 HTTP 302
https://dpx.airpr.com/anpx?adnxs_uid=2497554874986931511&airpr_id=4738218859

Request Chain 133

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&RedC=c.clarity.ms&MXFR=38E871CCAFDB6B042CB6601FABDB65BA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&MUID=39005CBDD88E6F31076C4D6ED95C6E8B

207 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS...
cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/ 9 KB
3 KB 431ms
386ms Document
text/html 2606:4700::6812:1e69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 72398c5f59719052-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 30 Jun 2022 20:10:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 984bd30b-246d-4ebf-9745-ac12e29d538f
x-robots-tag: none

GET
H2

200

Primary Request 063022 Show response
www.cybereason.com/attack-sim/hunter/us/
Redirect Chain

https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPp...
https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95c...

29 KB
10 KB

1444ms
1397ms

Document
text/html

45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email

Requested by

Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.64.106 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

01b20f3c9294790a8fe4fbf5b736fb601874ff41085a0a49d8cc2b0562ccade7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=14400, max-age=0
cf-ray: 72398c634bbdb8c1-AMS
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 20:10:59 GMT
edge-cache-tag: CT-71989216574,P-3354902,L-41280911072,W-1613750937864,W-1634662863054,W-1634916180089,CW-36363951948,CW-41051938787,CW-55919211696,CW-66069991695,E-34470223313,E-34470224480,E-34470477360,E-35275979682,E-35291999472,E-42760289143,PGS-ALL,SW-0
etag: W/"0c0657456eb96b4dce24826610d4797e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 25 Jun 2022 17:58:02 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9u0gi4PGCCKGR0OP31layP%2FtLyjiQ8DbXzFbVJN9mtYsTiBGYIHUY0Y99Hku%2BlsRyLyhNnoM0x8BpO3roGB5VC9QLzHDQIRoI394te6ezKUN0OINhFSV%2BksfV8pN0iQJk09Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=14400, max-age=0
x-hs-cf-cache-status: MISS
x-hs-combine-css: Disabled
x-hs-content-campaign-id: b761532f-2d31-4338-b42d-efec3fb2fa8f
x-hs-content-id: 71989216574
x-hs-hub-id: 3354902
x-hs-prerendered: Sat, 25 Jun 2022 17:58:02 GMT
x-iinfo: 13-63287387-63287390 NNNN CT(6 11 0) RT(1656619858018 10) q(0 0 0 0) r(14 14) U12
x-powered-by: HubSpot

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 72398c61ed2b9052-FRA
date: Thu, 30 Jun 2022 20:10:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email>; rel="canonical"
location: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
x-hubspot-correlation-id: 8ef52fe2-802d-4db0-aad9-58eace9428bb
x-robots-tag: none

GET
H2 200 index.js Show response
www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/ 11 KB
4 KB 32ms
29ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7b007525d142bbc02dda59ccd34237bfa93685d7e75fe089b44ac1e8bcdef02f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 12:04:14 GMT
x-cdn: Imperva
etag: W/"fabb1243bed29fd93cc5e0ce02ce9114"
content-type: application/javascript
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1444) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27115974, public
content-length: 3750
expires: Wed, 10 May 2023 16:23:53 GMT

GET
H2 200 project.js Show response
www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
736 B 36ms
33ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
x-cdn: Imperva
etag: W/"61ca66de658cab9587e4636894680d5d"
content-type: application/javascript
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1450) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27115975, public
content-length: 556
expires: Wed, 10 May 2023 16:23:54 GMT

GET
H2 200 v2.js Show response
www.cybereason.com/_hcms/forms/ 585 KB
148 KB 45ms
43ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/forms/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
x-cdn: Imperva
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
content-type: application/javascript; charset=utf-8
x-iinfo: 13-63287387-63287342 2CNN RT(1656619858018 1456) q(0 0 0 -1) r(0 0)
cache-control: max-age=387, public
content-length: 151412
expires: Thu, 30 Jun 2022 20:17:26 GMT

GET
H2 200 module_55919211696_CR_-_LP_-_Hero_--_Full_Flex_--_Attack_Sim_--_All_Centered.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/55919211696/1655227113338/ 8 KB
3 KB 80ms
50ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/55919211696/1655227113338/module_55919211696_CR_-_LP_-_Hero_--_Full_Flex_--_Attack_Sim_--_All_Centered.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c576593d506da9fdd926b356f37bf25e7dc3938d2fc776fc85aaefd0b58777b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655227113339
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10163
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYWy9cTB%2BIP8%2FguBfwCiShCIm1FRPMxTLfeCLOyl2CZHtcB75dLuuSZNAz5jFAa6ke5W%2BWZkZrpcXwiqVFmmHBPEHuxA%2FOu%2BJ37%2Fc04ZiXqLcFQ6QMQAYxFOK9vvorCbEqg9RE6O7rTjhndZ4ps%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 17:18:34 GMT
server: cloudflare
etag: W/"5941679f75fc820fe50de6f1c766dd1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a045c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_36363951948_CR_-_Rich_Text.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/36363951948/1639760045546/ 2 KB
849 B 89ms
59ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/36363951948/1639760045546/module_36363951948_CR_-_Rich_Text.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c3f75f81857e502a5a33690ac077add9f4fdcdbab44dd0e8df9a378f278de88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639760045546
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1162863
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsispG8jmnPskSZnkZoAQRvzi3oklYZG0V6K%2BmOZ5A8Rf7asQeIWN%2FhpABNFQ4JtMVGJhyzI6NoknIG66%2BDEjFrWExhCBa0YQmBM%2Bk8qkKom3WDz%2FPqdKGGKE9A69BCQYqQ3KoAElrVc8pgTXJ4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Fri, 17 Dec 2021 16:54:06 GMT
server: cloudflare
etag: W/"e83b6f17e60275117da77061add0194d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c7a185c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_41051938787_CR_-_LP_-_Speaker_Listing.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41051938787/1649964410984/ 1 KB
1 KB 72ms
42ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41051938787/1649964410984/module_41051938787_CR_-_LP_-_Speaker_Listing.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7c6bfc2a6ecc9c6518511625c865287b5f126b4b2ec14c85962cdbdc8a19a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1649964410984
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 137245
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7CkDWRpwgc6R2xQwBqZ6Xsn9EaNccd266jvVsKNVhdbOGUky0buuRXcyucznEpjqwi2s6Ss3ZHRWY6czhKiQKdQ3jBjE2cH8fxMScUpdOIHjv%2B5Z6r7Dbs5W1PvdL6yK8IZ5YU7NG9QpHWlbSY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Thu, 14 Apr 2022 19:26:51 GMT
server: cloudflare
etag: W/"8f3d9c6075d11fe647ea820bdff9bef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a075c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_66069991695_CR_-_Footer_Min_Dark__en_US.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/66069991695/1648087956847/ 3 KB
1 KB 76ms
47ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/66069991695/1648087956847/module_66069991695_CR_-_Footer_Min_Dark__en_US.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7438dceeb2b7d1c7dba9f8ed551fb156574b8a20b911bdce9a615eb1cd811e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1648087956847
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 580289
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cxUk8sXJy3A6eV8%2Boo%2FUqC%2BHuy4QU3vsCUHvyxSd6IM9iN%2FOxa4RESZvDb%2BzJHYNUbwQ%2BQeJNN1OJX4HFZSaiA4fQ6tcp5QWdnkobWiKtVlNveGXBjSwqILrDcjpTlhrHa61uNlnWpnmT8zBIs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 14
last-modified: Thu, 24 Mar 2022 02:12:37 GMT
server: cloudflare
etag: W/"04e1e4bd252d9222407acb85630698b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c7a1a5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 14

GET
H2 200 vyv2ljd.js Show response
use.typekit.net/ 19 KB
7 KB 51ms
9ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vyv2ljd.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

efaf50dd0be48360746de27c8624174b9689a29834970fe93656ec22cc9b770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 30 Jun 2022 20:10:59 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6894

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 132ms
46ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 19:17:10 GMT

GET
H2 200 ionicons.eot
www.cybereason.com/hubfs/__dam/fonts/ 118 KB
68 KB 36ms
33ms Font
application/vnd.ms-fontobject 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/__dam/fonts/ionicons.eot
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a4803d7bdeb478a5b9238fe74d8aaa98dafe2e8e68fccbd0e3f4dced823f27f0

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 09:38:01 GMT
x-cdn: Imperva
etag: W/"2c2ae068be3b089e0a5b59abb1831550"
content-type: application/vnd.ms-fontobject
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1493) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841069, public
content-length: 68935
expires: Sun, 10 Jul 2022 13:48:48 GMT

GET
H2 200 Criteria-CF-Regular.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 14 KB
14 KB 54ms
51ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fcba0ef5c17fd435aaa6cfac66375e7bfae52f5116b7a6e126c8b0f38b841613

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Thu, 13 Jan 2022 17:33:57 GMT
x-cdn: Imperva
etag: "8c4e317165d35f99602a1c625d63a040"
content-type: application/font-woff2
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1513) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841067, public
content-length: 14572
expires: Sun, 10 Jul 2022 13:48:46 GMT

GET
H2 200 Criteria-CF-Medium.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 14 KB
15 KB 76ms
74ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Medium.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f24560f5b81158a42b8d38ffe5795d9959eb2308ee6780ea912a6594bb999d1e

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Thu, 13 Jan 2022 17:33:57 GMT
x-cdn: Imperva
etag: "32457643e2ecf8bcf7fdba1110db901c"
content-type: application/font-woff2
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1536) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841067, public
content-length: 14772
expires: Sun, 10 Jul 2022 13:48:46 GMT

GET
H2 200 Peristyle-Black.woff2
www.cybereason.com/hubfs/dam/fonts/peristyle/ 14 KB
14 KB 97ms
95ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/peristyle/Peristyle-Black.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9d943fe5fde08d5b742d383b625031f75e3e89035369f2cde2778f4c6cf5c119

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Fri, 15 Oct 2021 16:32:36 GMT
x-cdn: Imperva
etag: "a17b2e1c032fa4a5eea1eeb1416eb385"
content-type: application/font-woff2
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1556) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841068, public
content-length: 14136
expires: Sun, 10 Jul 2022 13:48:47 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1656143305538/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 68ms
43ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1656143305538/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcc4ca1c87795c43789907a41136e491827f8fcac911ad18d0d17bdb30679b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1656143306231
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 476530
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jHO4Ew6GJd3cXaBJLVSyaYEoAwfbeaKqHF3uFjEhyhKaR%2FaQlYBoSVNP0iRjofVlSSgTiq4P8HIk0mtFNcOejc4q1ZprO%2Ff8Wu0AMmu1mo1ghFilGwtZRSqQjMkRr4o3P4IhZaWSNbs%2FymbqLc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Sat, 25 Jun 2022 07:48:27 GMT
server: cloudflare
etag: W/"731e65aef56e40241e600540185ed6c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a085c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-master__main.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/ 47 KB
9 KB 75ms
50ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb5b43bced9867f0de741937e47bd3ae5d11089befb3478816411fab3ef6c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655232781901
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1387047
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FOLUgMLdF0LIOwmRUwMvnC3ZTgmWTdILnWi0JLt2QcSixej6VcVvOrg%2FvJDSUCR8c8uhR2HlvwVoeLEagXDGAPzLgWdoD2xhajTiNYTjsd2q%2BXaUExdHX%2FuuFRnjGixz6M4OtstRhaFL3R%2B0i4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 18:53:02 GMT
server: cloudflare
etag: W/"c38df40560bd135a7c40d446b7a02fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a095c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-master__cta.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1655232518190/__CR_Web_Platform/CSS/ 3 KB
1 KB 82ms
57ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1655232518190/__CR_Web_Platform/CSS/cr-master__cta.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31a94a2a97f5b5fe19d6d4081c9c66400d9483fc65d62d4ef8ca83b5c2fb57a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655232518974
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1387292
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACzxJfJXeXG0Vj%2FLU2wNT5h9dj3k1pv1LhXXroG76IdHvw6hj6p05tHWeQX9qjFipL74zhgjZe0NyiiLRNdr1onzQVyM6X336XDGZXAmNvn3S32eh23bWQ9Jc9edg7uGkdUrFkpw9MjqlwhXnbw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 18:48:39 GMT
server: cloudflare
etag: W/"29d616ce2740000b02cc9cacae33a2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a0b5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 ionicons.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ 50 KB
9 KB 148ms
123ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ionicons.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1642096258332
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17054
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snuHct%2BdVUDJoJlCMs70Zy7SqcdDNrgCQMiAFAXD1bbC3pyrB1b%2BWz%2BNw%2BXXW2U4Gy8trqodbT9Gd6nKXLwNKI4wiVYhhNYyLeWBwhKu6m9It2KZvDfYz2cOYH95r%2Bd5M6t4oRFet0aOdxNWeyY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 14
last-modified: Thu, 13 Jan 2022 17:50:59 GMT
server: cloudflare
etag: W/"71c8c946791f3411c42a4cb1e9cdb5ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a0e5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 14

GET
H2 200 cr-framework__bulma-columns.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/ 19 KB
3 KB 95ms
71ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/cr-framework__bulma-columns.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556893
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1782679
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFUeuBRMcphdZ1OHFPLAmuCqP9poxxglRUJMmr4rn2j5ldBA0z1CCehYavGNUxOXM5XYltxJvSsDDfHHgNrY8AO3RTfdjv8i6aCx0fHrqE4%2FJc2eFsmiBeLjO2USHZPV%2F6t0TnzcGQ85Gr5Bf90%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"636c18615b58fca9536b2e1c578c6db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a0f5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-framework__bulma.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35291999472/1654531651565/__CR_Web_Platform/CSS/bulma/ 63 KB
9 KB 71ms
46ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35291999472/1654531651565/__CR_Web_Platform/CSS/bulma/cr-framework__bulma.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c545256f2217ee841db63336dddc318198118b706001a05985fc1f9efc6551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654531652721
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272992
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv74TBfLDUZdqJUfB1Dth93tE37gGIJXwVWelaNZg3OAIv%2FOu1FrEoRmTRSy0ECU3I4oNKOFhAHuWX0HyQ3SiwDjEcEgR98cVSYHjHGQ5nUVxeHxWxGCCrvKilil%2F6IHQBNTJ6lAXlWz9BRe9CA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 06 Jun 2022 16:07:33 GMT
server: cloudflare
etag: W/"84c377016cc8d5f4c82d61754c144d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6c6a115c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-mln__build.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/ 20 KB
4 KB 68ms
44ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/cr-mln__build.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d17f49687e707b10a61608d1a9cc4e01ab1e3e116bb03dffb058671ee7d092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654107483525
date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 697192
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIll3J6w4n4s%2BZsxQmKb1IXAJMTBu%2BxOWjKx8kTUDN3QLNfsrsgmEgdXDhPWn2gb6%2BSjJGHJXlCanGh3GnN2%2BeNki9mRVw6QobgxVNPftgjjidz5z4IWez4JzSZ1pDeYrkBeon5tCAuyNUbNGSM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 01 Jun 2022 18:18:04 GMT
server: cloudflare
etag: W/"f63856775f345cf13be72533fa213899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P2
cf-ray: 72398c6c7a175c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-logo-inline--primary-white.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 4 KB
4 KB 10ms
9ms Image
image/webp 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-white.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 88badf53b16ffe06a7c8c98815c8cb08635b4037feef05703226fa5b7c63a1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Fri, 03 Dec 2021 18:09:12 GMT
x-cdn: Imperva
etag: "9fa007f86be3dd9a921a2d00bf86f36e"
content-type: image/webp
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1642) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=887295, public
content-length: 4000
expires: Mon, 11 Jul 2022 02:39:14 GMT

GET
H2 200 israel-hs-circle.png
www.cybereason.com/hubfs/dam/images/images-web/headshots/ 400 KB
400 KB 10ms
9ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/headshots/israel-hs-circle.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2ede6a21b324d76960dbbc7036fcb5d48bd8a5d69b93f4ef0fb8266ae31fc515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Tue, 03 May 2022 20:43:01 GMT
x-cdn: Imperva
etag: "0d5a86c84904f1ecad130991049f53d0"
content-type: image/png
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1787) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=809654, public
content-length: 409304
expires: Sun, 10 Jul 2022 05:05:13 GMT

GET
H2 200 tim-amey-hs-circle.png
www.cybereason.com/hubfs/dam/images/images-web/headshots/ 1022 KB
1022 KB 17ms
14ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/headshots/tim-amey-hs-circle.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6a927b3ecf7e92de249172cbcd84627ba74e73bd8db15f3b3952103126ab3237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Tue, 03 May 2022 20:43:01 GMT
x-cdn: Imperva
etag: "416a46e112983c205fca3939154b0a58"
content-type: image/png
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1800) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=864574, public
content-length: 1046143
expires: Sun, 10 Jul 2022 20:20:33 GMT

GET
H2 200 jj-circle-headshot.png
www.cybereason.com/hubfs/dam/images/images-web/headshots/ 71 KB
71 KB 30ms
19ms Image
image/webp 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/headshots/jj-circle-headshot.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 18a569c479194250ed431bbecbeb6b2f91b7bc98c22d214e5cfd3f0aee4971d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Tue, 12 Apr 2022 19:35:01 GMT
x-cdn: Imperva
etag: "8628600554a85d53cab1814bf3f463bc"
content-type: image/webp
x-iinfo: 13-63287387-63287342 2CNN RT(1656619858018 1809) q(0 0 0 -1) r(0 0)
cache-control: max-age=1023029, public
content-length: 72496
expires: Tue, 12 Jul 2022 16:21:28 GMT

GET
H2 200 cr-logo-inline--secondary-white.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 4 KB
4 KB 26ms
16ms Image
image/webp 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--secondary-white.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 30be525067a4b3b886855264b9f690bbbe8d45e7aaf1381551ce0471199a316d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Fri, 03 Dec 2021 18:05:31 GMT
x-cdn: Imperva
etag: "f7b01dd89c601e517ec3110da848c0cd"
content-type: image/webp
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1811) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1028220, public
content-length: 3988
expires: Tue, 12 Jul 2022 17:47:59 GMT

GET
H2 200 module_55919211696_CR_-_LP_-_Hero_--_Full_Flex_--_Attack_Sim_--_All_Centered.min.js Show response
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/55919211696/1655227111759/ 356 B
681 B 39ms
39ms Script
application/javascript 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/55919211696/1655227111759/module_55919211696_CR_-_LP_-_Hero_--_Full_Flex_--_Attack_Sim_--_All_Centered.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e434e341733ff433604b231b188df10130f774c53ed8f706191b6cec580cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655227111759
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10164
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZDJZc6Q9kvL7N%2Bjr6i3c4SWXBr7a3wFrUQl3hl1eRhdoaYGTlp6I%2BFlNzUimZyUAtcF9v2Bw2UhGmCEAP5YLDlnocS%2BxSCWiSCPUMm1ew4UDnkJUYOU8m0Xg1AOiie49c0jX9ds5RndL1xwypY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 17:18:32 GMT
server: cloudflare
etag: W/"623a7dc85ba8ff451d8b64bac9aa272b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6d3b7d5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 3354902.js Show response
www.cybereason.com/hs/scriptloader/ 1 KB
694 B 216ms
207ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6fbb8b26d99cd60bf31a3c832a71cd7e5ed40d58079adfa48f2fc7732653b705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:08:46 GMT
x-cdn: Imperva
etag: "86c51e95"
content-type: application/javascript;charset=utf-8
x-iinfo: 13-63287387-63287675 3CNN RT(1656619858018 1816) q(0 0 0 -1) r(0 2)
cache-control: max-age=48, public
content-length: 506
expires: Thu, 30 Jun 2022 20:11:47 GMT

GET
H2 200 _Incapsula_Resource Show response
www.cybereason.com/ 145 KB
21 KB 35ms
26ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=447252099
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 59faa5a9c84137ef5dfaccb399ebc9063a50ec9cdeac395d38d42c2f715a9d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20974
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
86 KB 165ms
74ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

468aaf98493ae682d8014dfe5e0ffd4428c49f8a4668a30a5fd18154d40ec738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87936
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 19:50:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 63ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 648426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1pycL3kuLfLprvLtnu8nMEFBY0wdkffEV5N0U4Si6bSmmMf%2Bsb0vx54%2B6dbWD8gmdtcwLd3oVhRs0JAsRFIvcYqp%2FbsPjhAOxihh%2BCAulTJlb2fJded4aC4f7t6oNfpX3sZtvwo4KpU%2B6vRasC%2BZCKN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72398c6d9fc2bb9d-FRA
expires: Tue, 20 Jun 2023 20:11:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 129ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbd7f1d813cc432777765f0866d0e138226bee883d39f872182999519463c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 20:09:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 20:11:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
990 B 130ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

327bff03815a03aa28f368d2736190b3a501918044016aade71ab4163d2c3350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 20:11:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 20:11:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 140ms
58ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdb0cc0715f6956f1d044503fa5793eec23a76b79c2d74fbff3be44315f137a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 20:11:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 20:11:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H2 200 cr-master__main.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/ 47 KB
9 KB 43ms
36ms Other
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8094f06152627e1ab27a06d18b2b2cd4f01bbfe5c0193d76a59ac68b15f1c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655232781901
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1387048
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnnbtMxcyFI2bGavsdW0qEW6w4W%2FQAkm6Ftcq1arlth00JINXcQTTubuhE5XDUG9s8ikVrzSAYFVPoV%2Fo1BpjXIG5O7Ethd6K0jzvDoBn%2FELl%2BnCtHDMvai6z2fsRR5z%2Fd6dJpuOHTI6K2mspeY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 18:53:02 GMT
server: cloudflare
etag: W/"c38df40560bd135a7c40d446b7a02fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6e6d5d5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-master__cta.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1655232518190/__CR_Web_Platform/CSS/ 3 KB
1 KB 40ms
33ms Other
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1655232518190/__CR_Web_Platform/CSS/cr-master__cta.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31a94a2a97f5b5fe19d6d4081c9c66400d9483fc65d62d4ef8ca83b5c2fb57a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655232518974
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1387293
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KWYwxzqFnOV1eVuQZhJxzKoFBdbKOlt3MJimHMfnV5otvKoKvMGpXq1xkOy%2FscgGIDGGvL53sU4nJSYSyTinnS7SKJAWUCfNtL0WiwOfji6Cfvk3g3uYw2%2BPYAv4s81DP4B294Y%2Fi6LQulaUr0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 14 Jun 2022 18:48:39 GMT
server: cloudflare
etag: W/"29d616ce2740000b02cc9cacae33a2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6e6d5f5c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-framework__bulma-columns.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/ 19 KB
3 KB 39ms
32ms Other
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/cr-framework__bulma-columns.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556893
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1782680
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6JneRp0znGJUV%2BmsSph7dQ0V2avOwr8eKTMSmYEIhxC9EJq%2Bcz40xsoG3iQnAiy6je%2FixEn%2FgfmeHGqZAZIDlgxh7nEwaIz8K5XZB1AijFlTwUxZ38sdP%2FwkRYvwLVd4NSp%2FwKoKh%2Fgm89b77M%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"636c18615b58fca9536b2e1c578c6db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 72398c6e6d625c38-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-bg-abstract-black-yellow-logo-04.jpg
3354902.fs1.hubspotusercontent-na1.net/hubfs/3354902/dam/images/images-web/backgrounds/ 547 KB
548 KB 1863ms
1823ms Image
image/jpeg 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3354902.fs1.hubspotusercontent-na1.net/hubfs/3354902/dam/images/images-web/backgrounds/cr-bg-abstract-black-yellow-logo-04.jpg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bad7e0bac49c5fa8a0c1355bff45f53623820d2f91ab5c036e447a8fd334264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-76329977227,FD-35190309106,P-3354902,FLS-ALL
x-amz-request-id: Y78PQR51WQ09X0E5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-76329977227,FD-35190309106,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "0f22f6e86111c828a8a2c85833cd7137"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1655223878622
date: Thu, 30 Jun 2022 20:11:02 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA2-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 559709
x-amz-id-2: AMOUDzeoeltFUvCNkFOSZUaznzvLRiXs7CzM9aoK7sqxfwtaTMpu0yP4+lk/j6V6QCXvlaM/swM=
last-modified: Tue, 14 Jun 2022 17:25:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: jjMVRn78AoX66ViSaqgIMogZ5UBxcbxj
accept-ranges: bytes
cf-ray: 72398c6eca079bd6-FRA
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: J4aOK6da1hwhk77KGs0z1jo7KJnmwNgHdY5lJiLtF3urLlhp9RRTgA==

GET
H2 200 Peristyle-Bold.woff2
www.cybereason.com/hubfs/dam/fonts/peristyle/ 15 KB
15 KB 9ms
8ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/peristyle/Peristyle-Bold.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 42ca97255c160f4b6460ffeaa38a7706685eaebd5145b45191a5c9c2d7c87c1d

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Fri, 15 Oct 2021 16:32:36 GMT
x-cdn: Imperva
etag: "cf9e69c1431a9c5b982b1f9092620f10"
content-type: application/font-woff2
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1831) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=904621, public
content-length: 15240
expires: Mon, 11 Jul 2022 07:28:00 GMT

GET
H2 200 FlamCondBook.woff2
www.cybereason.com/hubfs/dam/fonts/flama/ 14 KB
14 KB 11ms
10ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/flama/FlamCondBook.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1655232780816/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2ca281bdcd543e2e3559e6505c323c8d64df73f2a594a043780df3007e16d161

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Fri, 10 Dec 2021 14:25:11 GMT
x-cdn: Imperva
etag: "9b97cc4b573f2e8b6ead12339a15b141"
content-type: application/font-woff2
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1834) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841072, public
content-length: 14544
expires: Sun, 10 Jul 2022 13:48:51 GMT

GET
H2 200 Cybereason%20vs.%20%20(1).gif
www.cybereason.com/hs-fs/hubfs/ 5 MB
5 MB 11ms
8ms Image
image/gif 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Cybereason%20vs.%20%20(1).gif?width=900&name=Cybereason%20vs.%20%20(1).gif
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fae97720cc87bd389d1798495de074a94dcebf3b166fbbdb8fe931b8d220e907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
last-modified: Thu, 21 Jan 2021 11:00:08 GMT
x-cdn: Imperva
etag: "220f6d6721685e83af133814b28c5473"
content-type: image/gif
x-iinfo: 13-63287387-63287342 2CNN RT(1656619858018 1844) q(0 0 0 -1) r(0 0)
cache-control: max-age=1025861, public
content-length: 4837433
expires: Tue, 12 Jul 2022 17:08:40 GMT

GET
H2 200 json Show response
www.cybereason.com/_hcms/forms//embed/v3/form/3354902/c5e8d976-3f28-4cb8-b790-e8ce1474443e/ 10 KB
4 KB 200ms
199ms XHR
application/json 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/_hcms/forms//embed/v3/form/3354902/c5e8d976-3f28-4cb8-b790-e8ce1474443e/json?hutk=

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.64.106 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc70b5334393eecc8c7549d4b9bd7d3977fc785afc0b808fa598245e8692f829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cdn: Imperva
x-hubspot-correlation-id: aaf845a1-31aa-4f20-b157-823757b3f274
cf-ray: 72398c6edc73b8c1-AMS
x-iinfo: 13-63287387-63287390 PNNN RT(1656619858018 1875) q(0 0 0 -1) r(2 2) U2
access-control-allow-methods: OPTIONS, GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
x-trace: 2B1460FA5C2B889510B36CE01638A8AD1495B93B39000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6pPw7a%2Bp1ZcfK0PbicJffCKepsFKTQo4dh8%2FXWJas4rquZN5So0n%2BOPUOZr3grlkW6pm23f4m3zqPkq4tSjLYFNj7e%2BXB%2BMpNaSAHL5yV3nl3lC8YaPnzwfZsfzodnwTwIo7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H2 200 ionicons.ttf
www.cybereason.com/hubfs/__dam/fonts/ 184 KB
107 KB 19ms
18ms Font
font/ttf 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/__dam/fonts/ionicons.ttf
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:10:59 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 09:38:00 GMT
x-cdn: Imperva
etag: W/"24712f6c47821394fba7942fbb52c3b2"
content-type: font/ttf
x-iinfo: 13-63287387-0 0CNN RT(1656619858018 1881) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=841082, public
content-length: 109801
expires: Sun, 10 Jul 2022 13:49:01 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B47rxz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 132ms
51ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B47rxz3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1895205efb0ef0fa4232b6289c46a12bf07b9493598c2d50d3afe6d9ce9d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:26:37 GMT
x-content-type-options: nosniff
age: 164663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20180
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:34:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 22:26:37 GMT

GET
H2 200 HTxxL3I-JCGChYJ8VI-L6OO_au7B43Lj2FHz.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 19 KB
20 KB 119ms
38ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxxL3I-JCGChYJ8VI-L6OO_au7B43Lj2FHz.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e9c01aebc2b737a17ac5c0ae80d6391d64a8ef68db7c3dffbe4cef2b7ef7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:52:11 GMT
x-content-type-options: nosniff
age: 127129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19664
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:22:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 08:52:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 164ms
83ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 287662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 12:16:38 GMT

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
760 B 196ms
155ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3354902&callback=jsonpHandler

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: da3af794-935b-4ed7-afd9-e76b0568728e
x-trace: 2B97F8102B86E717D4A9E3B1C7C0DC992333BC97EF000000000000000000
date: Thu, 30 Jun 2022 20:11:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=72398c6f3e429b64&resource=unknown"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 72398c6f3e429b64-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/ 16 KB
16 KB 27ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 599dd661a1d9e0af96d614fab0ea7396bf06de4265029166a265c2b10cc1a1b0

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16112

GET
H2 200 l
use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/ 16 KB
16 KB 32ms
11ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f3f2822ba3d24c1f7f53bff8959801c644b2c1c556eb8c15ca36a86717f1ae7d

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "2d91046573f0e4458e7737f18f00bb9c13388e11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16256

GET
H2 200 l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/ 15 KB
15 KB 31ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f64368e7be69abe40585911860d83acfa8b14179d3008b2594166ae4c10ec0fd

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15452

GET
H2 200 l
use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/ 16 KB
16 KB 28ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 72493a3f42ed0260f03b6ffd3ea131be38a1070845bfae24927f643a3fcf3255

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "8c3ee2b4e977df4e0f73e1b985c24fba9611fc49"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16660

GET
H2 200 l
use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/ 17 KB
17 KB 34ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c8d63abd4075c4ebd692fbd02e35fb72950f214a6486607c1819d4279ad526f

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "7b5be73a29b093f7ae3c099f5a521c9274f6db28"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17152

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 37ms
16ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dd8ce52adc4b0ab60f82c29ba12f25e2f6446245fc8c0b5f4bd6dab3146f9ef7

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16464

GET
H2 200 l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/ 23 KB
23 KB 37ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "122498e3424e674610da39fb441d661549879239"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23244

GET
H2 200 l
use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/ 15 KB
15 KB 33ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b454edb897d49bf8a73b07627b670a55f0972988094770495a308e5a5e39d1b

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
server: nginx
etag: "13c2813ff67959226aaa4eccfcdd1399bd756b8d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15336

GET
H2 200 _Incapsula_Resource
www.cybereason.com/ 1 B
35 B 9ms
8ms Image
text/plain 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5799323251327722
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 44ms
6ms Image
image/gif 2a02:26f0:3500:16::215:1494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=vyv2ljd&ht=tk&h=www.cybereason.com&f=32224.32226.32227.32228.32230.32231.10875.32265&a=657783&js=1.21.0&app=typekit&e=js&_=1656619860370
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1494 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 3354902.js Show response
js.hs-analytics.net/analytics/1656619800000/ 63 KB
20 KB 194ms
154ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1656619800000/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd92f4f344ad8f45df20000fe365c776b45b5fe29bad3dabfd16c0f8266bf05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: ZGF44NSG31X46GY7
x-amz-server-side-encryption: AES256
cf-ray: 72398c702de9bbf7-FRA
x-amz-id-2: kfntFWuavd4cAvtSao6ThFwdx0WH2jZ5PnmxHhne76FT48XUla3L9JsNJxZOZ2IdyYtlYh0kYLM=
last-modified: Wed, 15 Jun 2022 01:04:00 GMT
server: cloudflare
etag: W/"e3ca3f67c3312e1b3d5a5fa70831ef46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 30 Jun 2022 20:16:00 GMT

GET
H2 200 3354902.js Show response
js.hs-banner.com/ 60 KB
16 KB 51ms
18ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433e587206c31e00a841c939942db662bb0bfb58a1611a3f558e921afcfe75a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 76
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 9JGVXH0CBVSRAGJP
x-amz-id-2: CxsnMc78YVRK+YXhax0oNFi42xaarjuvVsRN7iJdNzruYYbKsu2d+pX72SPWSlZbk+UVBUD5jfM=
timing-allow-origin: *
last-modified: Wed, 15 Jun 2022 01:05:23 GMT
server: cloudflare
etag: W/"f97ec854ca1bfd2ab3f728e707317875"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: boHGmUJFyPUw2tOZZORNaKr6WjCelvE3
access-control-allow-origin: https://www.cybereason.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 72398c702cde5bf9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 30 Jun 2022 20:14:44 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 53ms
35ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 29796
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js&cfRay=7236b4fddbf49a30-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 72398c7008299a2f-FRA
last-modified: Tue, 14 Jun 2022 09:22:35 UTC
server: cloudflare
etag: W/"4d9060d46ded886725fdadd2918d8827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: Ln2dBnu66WcBGVnZb6Z.xnR7vFzaf.57
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 0TB-end1CkYtfsLbsCTc5Z1xYV77wv4unaBu8ot4ROUEA8RMl6e1bw==
x-hs-target-asset: lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
69 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65795809a3f9ae73c33a0130a04991c0882b94f74a1ed8fc1dca3fff21e8928d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71040
x-xss-protection: 0
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 140ms
56ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 20:11:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 32ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=70824
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 41ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kjyo7100130-IAD, cache-hhn11578-HHN

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 63ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96328C2911804CC7BB7FEF6ED3E3201F Ref B: FRAEDGE1208 Ref C: 2022-06-30T20:11:00Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 30 Jun 2022 20:10:59 GMT
accept-ranges: bytes
content-length: 11360

GET
H3

200

activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhun... Show response
10272547.fls.doubleclick.net/ Frame CF5B
Redirect Chain

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2F...
https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2F...

776 B
612 B

105ms
45ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ac892f3c59d3f46c5ae0e739a1c31b684fbdca0cf1cba3a8394cf26f68bb1456

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 587
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-704918.js Show response
static.hotjar.com/c/ 4 KB
2 KB 68ms
39ms Script
application/javascript 65.9.66.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-704918.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-112.fra56.r.cloudfront.net

Software

Resource Hash

4f8410f013058de27b95c5e8131036c9adaaeaabc63a5ecb90a1f9e8f181be5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
etag: W/ee80d5f10e0fb945d2c0784b6cd0698a
strict-transport-security: max-age=900; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: Srkvg4eymA8TT3CKr9y5ikpo9ZU2g_nTc2axbGqqjwnVKJdlplGKkw==
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
8 KB 41ms
7ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H3

200

activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunt... Show response
10272547.fls.doubleclick.net/ Frame 4673
Redirect Chain

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fh...
https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fw...

775 B
613 B

102ms
43ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

f930a09aad371b7ffc7432476473928d6a44d9eb7cc71630bfa55faf92a3dc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 588
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter... Show response
10428681.fls.doubleclick.net/ Frame C30B
Redirect Chain

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhun...
https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww...

773 B
603 B

102ms
43ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ce881dc95896693e0f88ea5a960fe574f4e2ad7a8a05d4ff6846b29ca8143257

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1cwYCUDAYD26hHzYzki9 Show response
ws.zoominfo.com/pixel/ 2 KB
1 KB 219ms
179ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/1cwYCUDAYD26hHzYzki9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3d6f7f4b5314d01b6466d5b95e62fa7387d6391273b094b6e485fee9090be427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 72398c70981d9279-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 3354902.js Show response
js.hs-scripts.com/ 1 KB
957 B 165ms
132ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3354902.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a9b26feeb019b0f4d31de16b470f4aefdb42ea158105601341521e0e6eb6141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: f7aeeddd-bedd-4395-bf89-099c642acc8e
last-modified: Thu, 30 Jun 2022 20:02:15 GMT
server: cloudflare
x-trace: 2B4A9C8B567785DF79928906CCD772FB10EBE2D36D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 72398c709fe8bc01-FRA
expires: Thu, 30 Jun 2022 20:12:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 60ms
31ms Script
text/javascript 2606:4700:4400::6812:2a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 452
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 30 Jun 2022 20:13:28 GMT
cache-control: max-age=1200
cf-ray: 72398c708b47693f-FRA
cf-bgj: minify

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 98ms
31ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:00:31 GMT
content-encoding: gzip
age: 629
x-guploader-uploadid: ADPycdvpi4txzRUdaGzdBvOdZ33TmbT4C2C68P26dyBYVTFzpanN0B6B4535wLThuP4TNqSiZK6-C-teELyNSou82MKXuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 30 Jun 2022 21:00:31 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 127ms
16ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 302051
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: c3308d537e285be30c762386c2660281

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 65ms
25ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x4 config:1.0.0 /
Resource Hash: 8276d60cb14dcb7bf262b67edf850713d61a995f881b9fefe86118a7c9e837af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:00 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Thu, 30 Jun 2022 20:10:59 GMT

GET
H2 200 zdcd6x8yhg85.js Show response
js.driftt.com/include/1656620100000/ 210 KB
60 KB 186ms
134ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1656620100000/zdcd6x8yhg85.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

aa69fadd2520bef455327ee2faafd79a6f8761fc485940b1c579ef1fe9bc6539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 19:02:58 GMT
server: nginx
etag: W/"7c6cfeeb49e61c081eaf48d32e1ae0fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EH2o7wNBjUvQS1KcF7qGW4x9Bysywsq5
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mucyHrSGvLtv4OSPEnaYW1co2ELk9FajKYc4XgZe6RhnSmu1XFh6wA==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 595 KB
110 KB 39ms
7ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43540081ae33f1c3921efeb0d7c6388cd5206ee7185188a3f331559222ef341e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
vary: Accept-Encoding
age: 2072
x-cache: HIT, HIT
content-length: 112096
x-served-by: cache-iad-kiad7000177-IAD, cache-hhn4052-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Thu, 30 Jun 2022 18:05:09 GMT
x-timer: S1656619861.619750,VS0,VE0
etag: "62bde5d5-1b5e0"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 372

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 308ms
99ms Script
text/html 34.192.106.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.106.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-106-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 6e1424cff90e9cd4.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 77ms
13ms Script
application/javascript 143.204.215.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/6e1424cff90e9cd4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-43.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d279982ef90edd594effd108c4e40326550e04992973d3b529504b70ce163219

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 2PXYmVCDou2wZ_QlW8Kfmtc8oBtjc4ln
content-encoding: gzip
etag: W/"d54f5faec95283d00dc24a7086ee2dc3"
age: 3367
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 17:06:13 GMT
server: AmazonS3
date: Thu, 30 Jun 2022 20:11:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: dTafhEv8eN39Xw99G3nDMyHBiYhCa1ksiZ4X77tP7jvscEqu4Clx7w==

GET
H2 200 airpr.js Show response
px.airpr.com/ 7 KB
2 KB 36ms
7ms Script
application/javascript 143.204.215.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.airpr.com/airpr.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VX6TdY5TB1hkW2pfjTg8vXSV8V7Wb0N4LXPv6N824DzJ3q90pV1-WJV7CgGM-VNjlWh8LnjwpW43MtyL8k22kxW5Vtrdg4w-DSlW2zVNKC1yNPplW212gZB9blTg1W1KKXzm32czvZW426cv1267jTyW8PDHwx3V3b2ZW1w39jj2ZWkv-W6PsqHh665LH9W2mpJNS5QtvKMW1nx5TW7RQ9rfW1x6vzV1lgMw0VnFCM_1pcKC_W2GBTv_8Q9pfqW84FyqK2-Hp7rW4MLMqL1l32ZvW7tsj_B3-YqyVW3gSwnG1-6s_xV-BLYt4CzL6jW3rXZbH8wjbMhN48SbWJ6J_0gW289_JG5P6WRdW81nRmG4L5v4jVGL27T4pYyGpW41pZlx8cgynv35zw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-10.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:00:59 GMT
content-encoding: gzip
last-modified: Sat, 21 Apr 2018 18:03:55 GMT
server: nginx
age: 4201
etag: "5adb7d0b-853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA53-C1
content-length: 2131
x-amz-cf-id: W0gJ3K4QFhSkkK1aigtM5hT5c8XRSQZWGDr9a3Dpijx8zlFE_k4YoA==
expires: Fri, 01 Jul 2022 07:18:39 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 23:04:45 GMT
x-content-type-options: nosniff
age: 162375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 23:04:45 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:25:46 GMT
x-content-type-options: nosniff
age: 164714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 22:25:46 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1656619860586%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfh...

0
264 B

265ms
210ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_campaign%3DAttack%2520Sims%26utm_content%3D217950972%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D217950972&liSync=true&e_ipv6=AQI6jkhUXDWMZwAAAYG2PQTQR5MY136dfQPZJdeYrrVHljbPnHxTOe7tnyTS49hKtcMcYTe1
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A94629E351CD4D909D6A659B78AFD546 Ref B: VIEEDGE2015 Ref C: 2022-06-30T20:11:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXir95emsFawqAyghYdWA==
x-li-fabric: prod-lor1

Redirect headers

date: Thu, 30 Jun 2022 20:11:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E5E42E55DF614FA695AE862705130D90 Ref B: VIEEDGE2319 Ref C: 2022-06-30T20:11:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1656619860586&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3F_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_campaign%3DAttack%2520Sims%26utm_content%3D217950972%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D217950972&liSync=true&e_ipv6=AQI6jkhUXDWMZwAAAYG2PQTQR5MY136dfQPZJdeYrrVHljbPnHxTOe7tnyTS49hKtcMcYTe1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXir95alTDbZd8uUkY0aQ==

GET
H2 200 adsct
t.co/i/ 43 B
338 B 137ms
117ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cf4168b4-4a65-4755-9260-e6f389a29c4f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=19bdc0bd-499c-481c-ac5a-ddd078557ae1&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0ol&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 110
date: Thu, 30 Jun 2022 20:11:00 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 356421eefb3fdd32930d7a49f81de9dda5268476789579e6f3abe51f498ff865
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 144ms
124ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cf4168b4-4a65-4755-9260-e6f389a29c4f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=19bdc0bd-499c-481c-ac5a-ddd078557ae1&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0ol&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 117
date: Thu, 30 Jun 2022 20:11:00 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a433d01497e3c21b0c6b9fbef18ca37ad2605c8220e8d55bae93a72f3e87a987
content-length: 43

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 133ms
111ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1656619860594&id=t2_32cbm2fl&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=fde01c9e-16dc-4eff-babc-a76b9aa30831&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 106ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SSF38JVRVJ&gtm=2oe6t0&_p=722171177&_z=ccd.v9B&gcs=G100&cid=2084144712.1656619861&ul=en-us&sr=1600x1200&_s=1&sid=1656619860&sct=1&seg=0&dl=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&dt=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56273944.js Show response
bat.bing.com/p/action/ 219 B
493 B 357ms
356ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56273944.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

163eb6275eba2b44f68cb1cdf0ef5b0f417ed24aebd866c3cfef1ebf8c6ce683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 227F9DBC26464935953FD5BFD9FAFABC Ref B: FRAEDGE1208 Ref C: 2022-06-30T20:11:00Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 30 Jun 2022 20:11:00 GMT
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
176 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56273944&tm=gtm002&Ver=2&mid=de633f29-9096-49bb-9a8c-fa2e9e6df4d3&sid=c2b47a30f8b011ec8957ab67191c73b0&vid=c2b49870f8b011ec9d9ad9b6e36bff56&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&p=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&r=&lt=2090&evt=pageLoad&msclkid=N&sv=1&rn=47582

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFECE72F13DD49E68702E5C15BEE3FDC Ref B: FRAEDGE1208 Ref C: 2022-06-30T20:11:00Z
date: Thu, 30 Jun 2022 20:11:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.808591b6f22469c04dca.js Show response
script.hotjar.com/ 243 KB
63 KB 38ms
8ms Script
application/javascript 143.204.215.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.808591b6f22469c04dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-25.fra53.r.cloudfront.net

Software

Resource Hash

5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 14:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19313
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=900; includeSubDomains
content-length: 64129
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 14:48:22 GMT
etag: "bad13d85a356bdf283d8d6c9dac34800"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Q2IcUNgz_8r8AT3mmIZkHSGOl9pHYZESx-1Q9pkQXRXEEJppmA9xsg==

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
324 B 485ms
120ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16570449&version=2.1.1&ref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&r=1656619860624
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:01 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
Server: Apache/2.4.6 (CentOS)
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 43

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 223ms
162ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 20:11:01 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 06639d29c177262e26e6bf4c9108058d
function-execution-id: 0m2ztvrnqji9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 213ms
146ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cybereason.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 20:11:00 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: zroit7xznyyl
server: Google Frontend
x-cloud-trace-context: 9373000759e8ca9a4880a9077bcb718e
x-powered-by: Express

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/ 3 KB
1 KB 177ms
70ms Script
text/javascript 2a00:1450:401b:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=1656619860650&cv=9&fst=1656619860650&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401b:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c944a902ee2dca0b6d5bf30c2507e76b6588426ffbe9b04a6bd9c70f0727abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/ 3 KB
2 KB 159ms
69ms Script
text/javascript 2a00:1450:401b:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/?random=1656619860652&cv=9&fst=1656619860652&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401b:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2092c7d96ad467b4da482317b4406ad6a635567da3968480c7988548358481e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/934771702/ 2 KB
1 KB 125ms
63ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/934771702/?random=1656619860652&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

48c20972edce24f03376563f318442b689a607ec9e22591be1524220725d94fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/401574070/ 2 KB
1 KB 124ms
64ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/401574070/?random=1656619860655&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0eb72f7db8ece3000ed103a80ad77700b4ae7abd5f9f361ab6888f93e2d216ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame D2FA 2 KB
1 KB 36ms
8ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-26.fra53.r.cloudfront.net

Software

Resource Hash

f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20473
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 14:29:47 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Thu, 30 Jun 2022 11:47:19 GMT
strict-transport-security: max-age=900; includeSubDomains
vary: Accept-Encoding
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-id: wVnW71VZqVRzz3Hp_HaUaEQIqv1ACqDk4Bq6KW8R0H3ZNm61DsFvYg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 567C 705 B
1 KB 22ms
22ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=507462be-0354-4d00-aa59-5860cfd31aaa&no_iframe=1&mt_adid=241675&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0 /
Resource Hash: 0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 705
Content-Type: text/html
Date: Thu, 30 Jun 2022 20:11:00 GMT
Expires: Thu, 30 Jun 2022 20:10:59 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
524 B 26ms
26ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x3 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:00 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Jun 2022 20:10:59 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw&verifyHash=c230d55b48adc9a27f723b3b9fe60fe93498c514

26 B
409 B

192ms
192ms

Image
image/gif

143.204.215.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw&verifyHash=c230d55b48adc9a27f723b3b9fe60fe93498c514
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-97.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:01 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: e6def0dc58b74237
X-Amz-Cf-Id: WpwBcf1I3hT8FXByL_y6L9nnGZRFdiRp6OqchEs2tjmXYEXLQxGUbg==

Redirect headers

Date: Thu, 30 Jun 2022 20:11:01 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAGIhE7FfAcAABCmMnvzDw&verifyHash=c230d55b48adc9a27f723b3b9fe60fe93498c514
Connection: keep-alive
trace-id: 62d401ace02b28f4
Content-Length: 0
X-Amz-Cf-Id: ZWbBI8Oc-ySmU-xiSunuyPm__0uZRxbrTbDMxPxM9hO7iVMVJaeeoA==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 110ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 461 B
956 B 86ms
56ms XHR
application/json 143.204.215.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&page_title=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&src=tag&auth=MOftAmbp2Aha4tkNEmeyvcipKYfCUyVJMXpCWBMS
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/6e1424cff90e9cd4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-82.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: e2bfc688-89f6-4865-aec4-fc71e9dcfbe6
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.cybereason.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: z3-5csW08rE7QawoLPc_ELKzQXeWPd4YTyfhOSBYQW88QI5OFxPHwg==
expires: Wed, 29 Jun 2022 20:11:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/934771702/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
https://www.google.com/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.de/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...

42 B
64 B

129ms
52ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YueSLLiP9fgPrYab4AM&cid=CAQSKQCNIrLMPJSxnwd85CSTwyHi9hJMQBNXTiJwKIaRDYMYhv1SZCPUuq2M&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_jUsdJRCU4skBECrGc3nBL97e9ofw9tONM&random=2472066897&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/934771702/?random=87341241&cv=9&fst=1656619860652&num=1&value=0&label=lgc3COmO8-sBEPb33b0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YueSLLiP9fgPrYab4AM&cid=CAQSKQCNIrLMPJSxnwd85CSTwyHi9hJMQBNXTiJwKIaRDYMYhv1SZCPUuq2M&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_jUsdJRCU4skBECrGc3nBL97e9ofw9tONM&random=2472066897&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/401574070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

130ms
53ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YvCQLP2H9fgPlZ25oA8&cid=CAQSKQCNIrLMtoHhz-9fuOJh1ksFm0-tdHaBWiNJ0G5RROsh1sysfvrQ7ljL&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_gTOcs2uKBChtMV0F74p-ZpHJwhIA-u9fE&random=298343462&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/401574070/?random=1772891873&cv=9&fst=1656619860655&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&auid=1298849812.1656619860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VAO-YvCQLP2H9fgPlZ25oA8&cid=CAQSKQCNIrLMtoHhz-9fuOJh1ksFm0-tdHaBWiNJ0G5RROsh1sysfvrQ7ljL&eitems=ChEI8JP1lQYQ87KtkcuFzoi6ARIdAHxAN_gTOcs2uKBChtMV0F74p-ZpHJwhIA-u9fE&random=298343462&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F... Show response
adservice.google.com/ddm/fls/i/ Frame 654F 774 B
1 KB 164ms
75ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: 10272547.fls.doubleclick.net
URL: https://10272547.fls.doubleclick.net/activityi;dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68fdb57f77373689d189e5f4769f1cb4a5c43c8659f6770278bf689b2301c581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10272547.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 587
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F06... Show response
adservice.google.com/ddm/fls/i/ Frame C8C3 772 B
648 B 165ms
76ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: 10428681.fls.doubleclick.net
URL: https://10428681.fls.doubleclick.net/activityi;dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8181ebe15c6c3e9bc86cb4d209e035d3d3498dd6ef2ce3a19cd28faf744f49ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10428681.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2... Show response
adservice.google.com/ddm/fls/i/ Frame A58D 775 B
653 B 163ms
76ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: 10272547.fls.doubleclick.net
URL: https://10272547.fls.doubleclick.net/activityi;dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9389f24a0631d1ed558cd2a6f03ce70d1dc279674fad09c6bc88a3dd79139c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10272547.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 587
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 567C 43 B
525 B 24ms
23ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=507462be-0354-4d00-aa59-5860cfd31aaa&no_iframe=1&mt_adid=241675&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=507462be-0354-4d00-aa59-5860cfd31aaa&no_iframe=1&mt_adid=241675&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 20:11:00 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Jun 2022 20:10:59 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/704918/ 147 B
323 B 94ms
31ms XHR
application/json 99.80.161.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/704918/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.808591b6f22469c04dca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/561371164/ 42 B
548 B 135ms
53ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/561371164/?random=1656619860652&cv=9&fst=1656619200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&async=1&fmt=3&is_vtc=1&random=3788595280&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/561371164/ 42 B
108 B 129ms
49ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/561371164/?random=1656619860652&cv=9&fst=1656619200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&async=1&fmt=3&is_vtc=1&random=3788595280&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/934771702/ 42 B
108 B 136ms
54ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934771702/?random=1656619860650&cv=9&fst=1656619200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&async=1&fmt=3&is_vtc=1&random=3834830315&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/934771702/ 42 B
548 B 127ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934771702/?random=1656619860650&cv=9&fst=1656619200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&tiba=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&async=1&fmt=3&is_vtc=1&random=3834830315&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56273944 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 525ms
288ms Script
application/x-javascript 2620:1ec:27::cafe:1806
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56273944
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56273944.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 57ee028f35cf7f6b2187f84dcef596d4404b03beccbef562477b6233bd61cc76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:00 GMT
x-powered-by: ASP.NET
x-azure-ref: 0VQO+YgAAAACwWW6PVwOKSKkUR2e7Vtd7TE9TMzBFREdFMDIxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 1587
expires: -1

GET
H2 200 dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F... Show response
adservice.google.de/ddm/fls/i/ Frame 72C8 194 B
242 B 192ms
80ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMSSyfL91fgCFS5CHQkd4PIGAA;src=10272547;type=landing;cat=events;ord=6511390341801;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:01 GMT
expires: Thu, 30 Jun 2022 20:11:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2... Show response
adservice.google.de/ddm/fls/i/ Frame A2D8 194 B
242 B 192ms
81ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COySyfL91fgCFfpDHQkdOPUMOg;src=10272547;type=landing;cat=allsite;ord=2625774467772;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:01 GMT
expires: Thu, 30 Jun 2022 20:11:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F06... Show response
adservice.google.de/ddm/fls/i/ Frame 64D7 194 B
870 B 189ms
79ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLavyfL91fgCFcpFHQkdW3kARQ;src=10428681;type=cyber0;cat=cyber0;ord=925144661041;gtm=2wg6t0;auiddc=1298849812.1656619860;~oref=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 20:11:01 GMT
expires: Thu, 30 Jun 2022 20:11:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame BCA1 0
0 81ms
20ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 30 Jun 2022 20:11:01 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 6f002ab8596ff067
pixel.sitescout.com/up/ 43 B
267 B 468ms
409ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/6f002ab8596ff067?cntr_url=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:01 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.34/ 53 KB
23 KB 287ms
287ms Script
application/javascript 2620:1ec:27::cafe:1806
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56273944
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:01 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0VQO+YgAAAAAvKnAYbn1eSbQUYaN+j/CvTE9TMzBFREdFMDIxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect Show response
b.clarity.ms/ 0
177 B 387ms
190ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Thu, 30 Jun 2022 20:11:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 core Show response
js.driftt.com/ Frame 0CF1 2 KB
1 KB 115ms
114ms Document
text/html 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1656620100000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b31a46ddf5c126c1de06b9052e26831661cd9b904cd255bbb84375bcd8b688ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 20:11:02 GMT
etag: W/"54e6216273ec2dbf97d31dbcfe3225a3"
last-modified: Thu, 30 Jun 2022 19:02:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id: gcjbJFJFqLvVG3WGaNEeCFrLUwXxGQP550pEwwcuHTUfZ8ybV6na7g==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 2x9jrR_kHPfsa4dq99JAFJtbw2xznMzP
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 81FF 2 KB
1 KB 111ms
111ms Document
text/html 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1656620100000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b31a46ddf5c126c1de06b9052e26831661cd9b904cd255bbb84375bcd8b688ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 20:11:02 GMT
etag: W/"54e6216273ec2dbf97d31dbcfe3225a3"
last-modified: Thu, 30 Jun 2022 19:02:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id: Cg2FoG0bSYZwPZ0eanbgOWGgMpOwZ2aykQ5ZH2Bv09-UXbvUJIGCsA==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 2x9jrR_kHPfsa4dq99JAFJtbw2xznMzP
x-cache: RefreshHit from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
29ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4494
date: Thu, 30 Jun 2022 18:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 20:56:08 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 36ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SSF38JVRVJ&gtm=2oe6t0&_p=722171177&_z=ccd.v9B&_gaz=1&gcs=G111&gdid=dZTQ1Zm&cid=2084144712.1656619861&ul=en-us&sr=1600x1200&_s=2&sid=1656619860&sct=1&seg=0&dl=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&dt=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&en=user_engagement&ep.ga_temp_client_id=2084144712.1656619861&_et=1553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 70ms
18ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSF38JVRVJ&cid=2084144712.1656619861&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSF38JVRVJ&cid=2084144712.1656619861&gtm=2oe6t0&aip=1&z=1175684418

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
522 B 143ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=c5e8d976-3f28-4cb8-b790-e8ce1474443e&fci=a6695cd4-ffb2-4bbe-9023-a8aa90208bbd&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3354902&pi=71989216574&ct=landing-page&ccu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022&cpi=71989216574&lpi=71989216574&lvi=71989216574&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&t=Live+Hunter+Attack+Simulation+%7C+June+30th&cts=1656619862176&vi=6236313abf3d5fcbd745cd51469f336a&nc=true&u=85683782.6236313abf3d5fcbd745cd51469f336a.1656619862173.1656619862173.1656619862173.1&b=85683782.1.1656619862173&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a2ddede9-5ae0-453a-9d62-cc3be6fdd172
cf-ray: 72398c7abb379b64-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8KOI7qs3PLUD6ZvqDqbMzWu0RZaqiIrQds6%2FeTyzgFANXs6Y5Y2X9lVj8A4Z0sK7bU9JNdbZ7DhKq0gJZRgjlaN%2Bs2hbSS9pDn2T1DXjhCDSBBkihazEnmFuUYKsFm8ispr00Ckgl6fNwVIlUvj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
354 B 152ms
142ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=c5e8d976-3f28-4cb8-b790-e8ce1474443e&fci=a6695cd4-ffb2-4bbe-9023-a8aa90208bbd&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3354902&pi=71989216574&ct=landing-page&ccu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022&cpi=71989216574&lpi=71989216574&lvi=71989216574&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&t=Live+Hunter+Attack+Simulation+%7C+June+30th&cts=1656619862179&vi=6236313abf3d5fcbd745cd51469f336a&nc=true&u=85683782.6236313abf3d5fcbd745cd51469f336a.1656619862173.1656619862173.1656619862173.1&b=85683782.1.1656619862173&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 93430c94-052c-4b68-a762-d6d8cb4a0247
cf-ray: 72398c7abb3a9b64-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZiXqmmdZnp79N20BrUUTawnhCwGWu505JDA9qciVhjnXnf23XOkEUTH4Ff7bn%2FrfGz2aBBDfdbq3tucg%2FsoGzRo7SRrPVb1HZl4ljYNwik0sjwheAEb3N7kcPlxybC7gn9DsFUW2UJ5iGmUO541"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
360 B 151ms
142ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3354902&pi=71989216574&ct=landing-page&ccu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022&cpi=71989216574&lpi=71989216574&lvi=71989216574&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&t=Live+Hunter+Attack+Simulation+%7C+June+30th&cts=1656619862180&vi=6236313abf3d5fcbd745cd51469f336a&nc=true&u=85683782.6236313abf3d5fcbd745cd51469f336a.1656619862173.1656619862173.1656619862173.1&b=85683782.1.1656619862173&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0bf5ad2a-9f77-4a9e-9892-65e3ce25beb6
cf-ray: 72398c7abb3e9b64-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4aKIm1IPXlVXcYc7UDkuoCC%2B8gyA5U3SHHGVzLt0ePtT72%2BkDZWcacw%2BMuT83e1pZTpDnH4uH%2FRmWin0ojkbLXwkKwqDGLNS3xdlfkYy7Q6rOrpljEy9eL2ppwj%2Fx4ZUn2aWpCHRR2DcgVZXLZF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

204

anpx
dpx.airpr.com/
Redirect Chain

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&an=true
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4738218859
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4738218859
https://dpx.airpr.com/anpx?adnxs_uid=2497554874986931511&airpr_id=4738218859

0
63 B

8ms
8ms

Image
text/plain

18.185.197.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpx.airpr.com/anpx?adnxs_uid=2497554874986931511&airpr_id=4738218859
Protocol: H2
Server: 18.185.197.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-197-79.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
cache-control: private
server: nginx

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 20:11:02 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3fcc34fd-536d-4d63-bf7b-8467f570de16
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpx.airpr.com/anpx?adnxs_uid=2497554874986931511&airpr_id=4738218859
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&RedC=c.clarity.ms&MXFR=38E871CCAFDB6B042CB6601FABDB65BA
https://c.clarity.ms/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&MUID=39005CBDD88E6F31076C4D6ED95C6E8B

42 B
368 B

32ms
24ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&MUID=39005CBDD88E6F31076C4D6ED95C6E8B
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2149B9A1649440408E52AE038F4F894F Ref B: FRAEDGE1208 Ref C: 2022-06-30T20:11:02Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8AC3D203C77644CCB4125603A5D78475&MUID=39005CBDD88E6F31076C4D6ED95C6E8B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 201ms
161ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3354902&utk=6236313abf3d5fcbd745cd51469f336a&__hstc=85683782.6236313abf3d5fcbd745cd51469f336a.1656619862173.1656619862173.1656619862173.1&__hssc=85683782.1.1656619862173&contentId=71989216574&currentUrl=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad1929c116d6ba14a998e3de8cfc3e142fa091a75ee7c3574bdbfad0258f3d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 450ae437-beaa-4fd5-98a3-5a3c8d3bfe3d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRzGpBFYUiJlHiAZn9XdqsLs97cPDKc1ffer95iNXoQFJ12b0ifljkrCE4LHcA6DAhaFUAVhhZWNkP%2BP6KCCnecZvGam0xICfvOWK16dSzXWYNioQ3%2F5lJzJRtZBCHwKfS8z5LbHpnzfhupZVT2K"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 72398c7b086f5c9e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 runtime~main.711aac64.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2cd758eab046eecb663aa71adfb547646f07ef9809ed1fb163a322c32b30ecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:25 GMT
server: nginx
etag: W/"f309ae0dcd5421dcd697e99794967989"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: b9r_MdeFPYD0FZRXpvYABzF1hSfoRvwM
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ERbhXWt7ecHNQ3BXXNWb2Prq13UyjvUsJ94CSU0GihoTxWX_2UJQ6w==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 35 KB
13 KB 9ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lBRIUDJ59SmfieNaSm0TkpIA4GzBrtHOVCcqkAPTDTd0R00zllwWfA==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 7 KB
3 KB 10ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LQgv9KBMB-HqKQMJcPU_neibG4F-GD0bz4Y0McCN_kDY5KFqsfZ5oA==

GET
H2 200 runtime~main.711aac64.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2cd758eab046eecb663aa71adfb547646f07ef9809ed1fb163a322c32b30ecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:25 GMT
server: nginx
etag: W/"f309ae0dcd5421dcd697e99794967989"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: b9r_MdeFPYD0FZRXpvYABzF1hSfoRvwM
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wuy0ksQA-Yk58c-5b05ef82Ak5EOIJ4KKcYFrwdz1Q8UObAwcXheSw==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 35 KB
13 KB 9ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n8t7N-d8gv4dwN0xk10HszTdwyynog5383Ih5O_MZt37V6-8wGIb4A==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 7 KB
3 KB 10ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 344d1DtDtRVPesCmKLYWnr5NCr-d9EQV6XsWP9XLgIMOmlkm91Zqzg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 111ms
40ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=722171177&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fattack-sim%2Fhunter%2Fus%2F063022%3Futm_campaign%3DAttack%2520Sims%26utm_medium%3Demail%26_hsmi%3D217950972%26_hsenc%3Dp2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA%26utm_content%3D217950972%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Live%20Hunter%20Attack%20Simulation%20%7C%20June%2030th&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KBDAAEABAAAAAC~&jid=912214909&gjid=2142162445&cid=2084144712.1656619861&tid=UA-56367941-1&_gid=1287339195.1656619862&_r=1&_slc=1&z=220460276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 47 KB
14 KB 9ms
7ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W12haYZ09WQLYqLK3LALFp9_dZ02V_Psb2nzhCaIAgux-EcYeXgwTQ==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 44 KB
13 KB 12ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: suR7niFerzk6IEIKcL3SKJukx4x8iLSPi6wJnOQHGRy9MpT8fruDnw==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 25 KB
8 KB 13ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BKaPHi2pbI88Rz9dg7wtWNZs2hgMbue8ctxTaulUcIwg7V5u1GbBkA==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 16 KB
5 KB 13ms
10ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mA8pvRGG4P7X5FKUn8pXIXuqNLhExtoPEffmwdwinXo0wzPYo2BBCQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 74 KB
23 KB 13ms
10ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JZm8k3kB95-ZWP1Gj-HNUckgIu5L6DOBxiTmXeusgzY5ZsIuKKXeKg==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 59 KB
19 KB 14ms
11ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KtGOe0N9WpPsAOugZkKOlrTCQuIQ00AFnCyKCMADdmMe8E4HbyITjQ==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 91 KB
28 KB 16ms
13ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yGZJ2qrQMKwxRbkvFtqjQ7ou9iWc1_H56eqzMFlURb5c6jdqSAb2qg==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 23 KB
7 KB 16ms
14ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kTEhmjrywHPZr0LJpym5Tmo36k_WgdClgtAHTpI5dA_h6_Eb6knCVA==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 62 KB
20 KB 17ms
14ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xhHFqs0-zYkZmuOvS8xoiX-ytBu6OrhhOGnIvFleEs_jwaWueI_7Gg==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 105 KB
34 KB 18ms
15ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JJMWKR8CXPf1EiNTrqTAToHST6jzEZxEzTpGQv3aOuEI56-qw5DLZw==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 12 KB
4 KB 19ms
17ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bhwKT_c2F1eWJZTUMl3h-pt7IgaIb0piza3UnvMEtigkcf3voaNQAg==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 12 KB
5 KB 20ms
17ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ndStqEUcRcaEH1EY6FusvI3j5XuHgMxUz0km_4Bg1v5sYPDoJXMLVA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 17 KB
7 KB 20ms
18ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3kBklZWK6IFA1eGr0P5jzUPBooLemDwudYlyrC3LM2SIAdwfX-XSYg==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 11 KB
3 KB 20ms
18ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9GjLpDl6WPSW6k2jtgFAuiFHDvis0nKGODby9wSbraOTMc0zNavr7w==

GET
H2 200 9.bd40cfa4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 70 KB
22 KB 21ms
19ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.bd40cfa4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e848ae9917b35cffb61e8be66065a1c90c628d5440a22387b617ae3ec39e33f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:24 GMT
server: nginx
etag: W/"ff68baf8a2dddc0b8d334684d33e160a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9O73iYwtzvHpSy_KUupgQKkRkRvY37C
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -e6XUSarUV0TWzaxCE_DaGSiPLbIOtBOkEdGBRrN6vKR0PdwgLd1eQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 24 B
666 B 20ms
19ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lGo5K5Fgh-ZAc05SU6z099hh4VMwFWJIxpzdYRghlds12ZwQLJrx5A==

GET
H2 200 17.2a29d8c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 78 KB
20 KB 22ms
21ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.2a29d8c3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f6c5a07d99c4c7c73b6c3731a9a0bfceb6ab8b192eaf5ac6bae45899d0a1f88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:22 GMT
server: nginx
etag: W/"7cd3a0b317696b9c03eb2eba57f63bd9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tNovjElmhtR7kbBrVgo8kFP2NKtk0RJy
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Da8c0GpDRE9ndQQzW3VNgfUEYNNB8vXBUk0gXYjvVxIyrLSLQmuPSQ==

GET
H2 200 24.8603213a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 48 KB
13 KB 23ms
22ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"b8776dcc5c1a3083223a0463a48e260a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MNLYGPrRxdrdE8i61mB8AAl9xMksDWt5
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SPQnSTCvn9p0GGpLFDV-ZhLOGjVA2BMQh9rg7wgwDaecTM01VxDbmQ==

GET
H2 200 15.d2bbc7da.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 40 KB
13 KB 24ms
23ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.d2bbc7da.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d1478fa19a20a462f4c461d7c2aff8a3e86945475f96f331c06e2681740aac32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:22 GMT
server: nginx
etag: W/"ab7260f70c19922f3eb3d36daa2b5c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kTYocLjR9n1x3ZcQsQJErG5I9TEz_4or
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YBu-fiSALE_GFDdOa5Rmepy_oTxYPkfNGZfMItOltIzpA98STQiJEQ==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 47 KB
14 KB 22ms
19ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hxIhj4SJPm1LnYo8ttM1xvsb16MQmFIR3ROBDCzfesnRWKjUuqzbkA==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 44 KB
13 KB 24ms
19ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ekgUp0clk1jZG9cZwp1d8Aw9bMYsjVAqJ46kuYQ-rHCthv8kZd7MMg==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 25 KB
8 KB 25ms
20ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _6farF4eAJXAxhpEnRK-v8F55Vuni47vGnW2mvA5mR318Ng9lueXtg==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 16 KB
5 KB 25ms
21ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hlHyQW-Sg40YELZ20AFFtd7JrsPywoHyYxdC5mqjyEeRzvjQf-N6hA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 74 KB
23 KB 25ms
21ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WwtXthgJQg2112WR3ZzWVoZk_szLhh2M96ixEFd0jQFqfaAvZK69tg==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 59 KB
19 KB 27ms
23ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BwXtqC3YkLc456ibd2WCKqExcfxC59mzU9T_7qk-SuRBBFx2bJpfSA==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 91 KB
28 KB 28ms
24ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ca4EdJsqNSZSy2YE9o3l0_d0xtfzKEJGHUQ-k-_R2XYWM2MkwwJ5lw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 23 KB
7 KB 29ms
25ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PfpD4C21Cfz8_awdiMSSLqabwr8ey3_1glt5vU4lJuYw-J2SVC0DVQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 62 KB
20 KB 29ms
25ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -iFKvzUvOVG2oFwmKsB-4mYTv18ibZT7iXx1Hs0fwfDEHqWvAR380w==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 105 KB
34 KB 30ms
26ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R-szGJHetU-nVdoP6NDiSitJmU41S5dtZBy3kMjAhDOnExXphR_T_g==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 12 KB
4 KB 31ms
27ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aKIecYScxobBgI_MyUvBjlBkhMYUZNDGk06ujJIzru0Aak3dFLW3SA==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 12 KB
5 KB 31ms
28ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ck0JiUUyeLGZ90tjXNZ04kr75yDjwZKkgEfGZ6yYWKcncCfDLv4lyg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 17 KB
7 KB 31ms
28ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ai2feCC-ciLh4tTOAn-HSea7JkCupdcRJCZIwlalXyLqE5vdKNWPNg==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 0CF1 11 KB
3 KB 21ms
18ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rmroELhoRoaBpByUhzpP5H9f-5cqsTo_gvoyOmJOcajBEZqviHWtrA==

GET
H2 200 9.bd40cfa4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 70 KB
22 KB 32ms
29ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.bd40cfa4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e848ae9917b35cffb61e8be66065a1c90c628d5440a22387b617ae3ec39e33f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:24 GMT
server: nginx
etag: W/"ff68baf8a2dddc0b8d334684d33e160a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9O73iYwtzvHpSy_KUupgQKkRkRvY37C
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UE2NRgttIVKqSFof31O0KY0Lu1MdGLAcuD7KFqXk5pw9wvUYbgYMaA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 0CF1 24 B
666 B 21ms
18ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 1815073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u6v9WaOGOFI4af9jjjJ0kvIxtErKt3AAQV5wcLDUEfeTJ-v2-_JIUw==

GET
H2 200 17.2a29d8c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 78 KB
20 KB 32ms
30ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.2a29d8c3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f6c5a07d99c4c7c73b6c3731a9a0bfceb6ab8b192eaf5ac6bae45899d0a1f88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:22 GMT
server: nginx
etag: W/"7cd3a0b317696b9c03eb2eba57f63bd9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tNovjElmhtR7kbBrVgo8kFP2NKtk0RJy
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bweiy7I1ycP7rmU9EiofvsPmQ-X-25Uim6SuagnRMXy4SrV2NuhaZw==

GET
H2 200 24.8603213a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 48 KB
13 KB 33ms
31ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"b8776dcc5c1a3083223a0463a48e260a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MNLYGPrRxdrdE8i61mB8AAl9xMksDWt5
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EF2MVz71u0wr7k4pCwYS7-almjG4u7TfAiMT6NP2DjA84gU2IOM-mA==

GET
H2 200 15.d2bbc7da.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 40 KB
13 KB 33ms
31ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.d2bbc7da.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d1478fa19a20a462f4c461d7c2aff8a3e86945475f96f331c06e2681740aac32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:22 GMT
server: nginx
etag: W/"ab7260f70c19922f3eb3d36daa2b5c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kTYocLjR9n1x3ZcQsQJErG5I9TEz_4or
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ToaYX-MNndV3gt-7FZgjVhzyi6TvJtPhciMqyjr52gFFVdsWjiJu6w==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 3 KB
1 KB 9ms
8ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pDgWOASMN9_NDbkmryYYC4K2HoZ50omL
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QaqqWYhxXUuYjVv_1xe_bMzdpkofGJIbUVr0YSCmFs5hSTIDBFMijQ==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 3 KB
2 KB 9ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1144583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:30 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HvgZCV9LNyT7x7vVdSj885BtX9dyNytM
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vlWK7A0XhCJ5MkS3iVjf186iz_5J4bNJxGgZQ4UvbE7x9nY5jOkWMQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 9 KB
3 KB 9ms
7ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 910223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gBSsy45FHHXXhkQjOpgl6YNM_1hvUvRDZtQUF0xgZSxwLFnpt4QHXg==

GET
H2 200 26.a5fa75d7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 33 KB
10 KB 11ms
10ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a5fa75d7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"07c533e32590bc52ac1b137167ac3d81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Om6KhJpoRUYTr7Om8uqiUaVuwIdIX9mR
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DPWfXwvmWrdFuG_MOCMtkeXM11c7QY7ZCuc-VyMstfL67Cnfp7eeSw==

GET
H2 200 27.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 0CF1 8 KB
2 KB 10ms
9ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlq0zBG2KT_EHoSQ.8VBH19dO.kmmlfU
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bD9cUOw2Cgge0S0CMvXqaGw8VA7bIpwdFMokRwwcqwRDEnpjbt2GAA==

GET
H2 200 27.795499fe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 12 KB
5 KB 12ms
11ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.795499fe.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"5277c592e20a97f12101fb9221e1083d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: m7G6eGFZsSIOgQehhjNZaVndQOLVU8F2
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 21QvqdGnp8YCzrKbyTg17YJ3Fxgw6Hk5kTLg-pGirtPoeXATMcw7BA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 0CF1 365 B
1007 B 12ms
11ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:38:41 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 1942341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: L3VGtilyy25ajd6juXICRdarj04czsmC
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4RXwRGachmBv712YxcnqCBobl2Fe9UU53aTjjWApUzd7EwthhrjlKw==

GET
H2 200 19.375efb47.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0CF1 87 KB
24 KB 12ms
12ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.375efb47.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

06a760cd337a6f97856b60714a8cf6ad3fb80946492d50fbb1025466f26ca97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=7de59f8c-194e-440a-bad2-e6f279d5757b&sessionStarted=1656619862.149&campaignRefreshToken=780b3383-9cf1-4851-ae54-3b9ac8e2974b&hideController=false&pageLoadStartTime=1656619859932&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:22 GMT
server: nginx
etag: W/"8efbde6a9b56ea5a8fcb23e8fb346ec0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AxILm0R.lOhNWA4ZsVeiTcwoPJIrh19v
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0YCnUvN_KPN_J9SgOx3OY46vYndHIYo-iVEGmz3IKJ2U0U0sffPBmg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 55ms
18ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56367941-1&cid=2084144712.1656619861&jid=912214909&gjid=2142162445&_gid=1287339195.1656619862&_u=KBDAAEAAAAAAAC~&z=1364799025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 20:11:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 910223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Lf5ZeFEkeO5flA9hdRuUCP593JTlbolmQ_-TzzLHr8FuZUWW4XF1g==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 7 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qCJlHTNUr2HFRH6Ajng7Ce3aN.cZgspN
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BZ2g0UMkXTl1KBwrS358zZ7emYJclfqx_xYZJBIVyIAQSsVmP_D1pA==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 54 KB
16 KB 10ms
9ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5X0O2ApU5vgBeUnxDu8Cb4hnMjQt6Q5W
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ke5sdSm7pOMGFgInGDQn0C6NDHueBo3VCyg9e4-_wj3_i3P5wrY5RQ==

GET
H2 200 1.2a811815.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 43 KB
7 KB 9ms
9ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.2a811815.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1144583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:27 GMT
server: nginx
etag: W/"cffa309af51f35e8b5792ddf3e06a80b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VUaHAxuPIr8zCHoCffr5ySO3Had_qiEc
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 74P3E017ad6B6hB4IV3tzehplGIT_LnZ0g4YVhh5K_IwsqJzI4qxQg==

GET
H2 200 1.f0c05bdf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 73 KB
25 KB 11ms
10ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.f0c05bdf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

09410642edee2a495d333f89ddf4c4a09dc9218c93de7d4d7d981117fe9d56b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:21 GMT
server: nginx
etag: W/"97f33a213b4ee5c284a67db4791de6fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0D6bsqEtygBehCY0YETmhhunXna8dEK1
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K2wyztSDy9U-RAZxcRMZsM-HTrd0Be3yZ9Ga9I-68lsCdkQ8bXb8lA==

GET
H2 200 32.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 81FF 12 KB
3 KB 10ms
10ms Stylesheet
text/css 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1815072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D63PtXL5bP.wpWr.uBaG9A4P_yKmwfSx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ueJQv7CoUBgJlGdawcOL2XXqrQbMdlkRXuW1AeiFBrvD_fgUBIg-xQ==

GET
H2 200 32.339f8363.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 81FF 11 KB
5 KB 11ms
11ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.339f8363.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.711aac64.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656619859932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 4098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"566a10802a29d81a470d77eb56b23265"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: M0iCQaZ.gGkZ8Ke.B5BxYnub2OI8YHSv
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BMaHpyqTmxnTG_c6XxQn-dcbJQzrs8PWpDxVe9Ozrak_nvPQTo2QcA==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0CF1 25 B
122 B 116ms
115ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
server: istio-envoy
requestid: 21c69220a82a5d71
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 327ms
103ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 20:11:02 GMT
requestid: driftb994dcf4df489fd4e72a0f9040c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 143ms
63ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=2084144712.1656619861&jid=912214909&_u=KBDAAEAAAAAAAC~&z=1861480831

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=2084144712.1656619861&jid=912214909&_u=KBDAAEAAAAAAAC~&z=1861480831

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 20:11:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 0CF1 147 B
245 B 103ms
103ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

0f22cf2acf8146a0114391fa869da34a4c62183bce53e066d6605bf022b12ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 20:11:02 GMT
server: istio-envoy
requestid: 823d591265759a47
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 326ms
104ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 20:11:02 GMT
requestid: drift9188b1b4df3ad206a674dc48cfb
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Thu, 30 Jun 2022 20:11:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0CF1 25 B
87 B 113ms
113ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 20:11:05 GMT
server: istio-envoy
requestid: 1866099c06ac32fc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 99ms
99ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 20:11:05 GMT
requestid: drift6d4bd5c4da1be81d54f95a72286
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 perf Show response
www.cybereason.com/_hcms/ 2 B
522 B 848ms
848ms XHR
text/plain 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/perf
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.cybereason.com/attack-sim/hunter/us/063022?utm_campaign=Attack%20Sims&utm_medium=email&_hsmi=217950972&_hsenc=p2ANqtz-_yMvgXti1k5wU5aamf5JdWT5nlfhd17ye_h7AKmbn8W7xpNk9Y3Hz4QjvU4hjgVH95cKxsag6cqSyP1n-WQLuMefOFPtDls5b5uqdhdN3KyUKA6BA&utm_content=217950972&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 30 Jun 2022 20:11:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cdn: Imperva
x-hubspot-correlation-id: 885bd69b-4704-48cf-ba1c-887af00bc969
x-iinfo: 13-63287387-63287390 PNYN RT(1656619858018 6941) q(0 0 0 -1) r(7 7) U6
server: cloudflare
x-trace: 2B3A8F3262C38B28014EBFE591E60C49337842BA21000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qo8gMehYrHJKIDkV9z%2BT4iverZGLtUb26Ayb0f6pAMWiaeE759OJ592%2BdSWAMjsIEc9BMkTR%2F4tXYozSaWtj4oFeV2Pfb%2FXAuSNCr8vVNSmuJJl2I2cVIy%2FgEuQ%2BgKHnwob0pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 72398c8e8919b8c1-AMS

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.cybereason.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3a456508165cf4e54fdd4f45451f8e26b33e1e7b-1656619859
.cybereason.com/	1970-01-20 12:54:36	Name: visid_incap_2710048 Value: KPWZSkUQQC+1PcNjSs+/gFIDvmIAAAAAQUIPAAAAAAB0/aIsASJwQayGuy3c7O4L
.cybereason.com/	1969-12-31 23:59:59	Name: nlbi_2710048 Value: MZrMAs0sjhIO6aQ12P/mMAAAAADG2nIU+DeL3FY4TJbWVUm7
.cybereason.com/	1969-12-31 23:59:59	Name: incap_ses_729_2710048 Value: Yty4MmSguEq2wog7Te4dClMDvmIAAAAAVZ37ggXmSsamEclfeqT9xA==
.cybereason.com/	1970-01-20 06:19:55	Name: _gcl_au Value: 1.1.1298849812.1656619860
.hubspot.com/	1970-01-20 04:10:21	Name: __cf_bm Value: u3eWFyZa7OdwqLKMPdIOh2R31xl7d2wQr4rN905ME8I-1656619860-0-Ac1pitBj3+OKaWoOUbUWvJo18Io4+bqTIXQFgymibr6UiDQWlBRV/ybLCDepwnWwb4ZSzCfxVbimtU0zl9TQW4k=
.bing.com/	1970-01-20 13:31:55	Name: MUID Value: 39005CBDD88E6F31076C4D6ED95C6E8B
.cybereason.com/	1970-01-20 06:19:55	Name: _rdt_uuid Value: 1656619860593.fde01c9e-16dc-4eff-babc-a76b9aa30831
.techtarget.com/	1970-01-20 04:10:21	Name: __cf_bm Value: 8K4bog3jJlbt3Vmyv_z_UZEj2ep1xy4E0nuEAdhE5b4-1656619860-0-AaB078rMqu4DT47A7DFt7jp+E6yujObuiYZ0L7UwYvOO3aN7ww4ZFlzdVrlrMSO/438DjHkiTpfuuOAc5t1HWYo=
.cybereason.com/	1970-01-20 04:11:46	Name: _uetsid Value: c2b47a30f8b011ec8957ab67191c73b0
.cybereason.com/	1970-01-20 13:31:55	Name: _uetvid Value: c2b49870f8b011ec9d9ad9b6e36bff56
.mathtag.com/	1970-01-20 13:36:15	Name: uuid Value: 507462be-0354-4d00-aa59-5860cfd31aaa
www.cybereason.com/	1970-01-20 12:55:55	Name: __pdst Value: fe1ced145f85438db5ca7b5401c8e006
.ws.zoominfo.com/	1970-01-20 12:55:55	Name: visitorId Value: f4c21c6437c43dcf8fcc9f55d52aea3514adf988ff5866b280ad1332dcbcae2d
.t.co/	1970-01-20 21:41:31	Name: muc_ads Value: 823254ef-b90e-45b2-8861-550e5d15c4bc
.mathtag.com/	1970-01-20 04:53:31	Name: mt_misc Value: mt_bt:1
.twitter.com/	1970-01-20 21:41:31	Name: personalization_id Value: "v1_vpnHcLPhK4dwGXFvPDKofQ=="
.cybereason.com/	1970-01-20 12:55:55	Name: _hjSessionUser_704918 Value: eyJpZCI6IjU1ZmIxMmVkLTg1ODAtNWQ4MC1iMDM3LWVmZmQ3YzM1YzExNiIsImNyZWF0ZWQiOjE2NTY2MTk4NjA4NDQsImV4aXN0aW5nIjpmYWxzZX0=
.cybereason.com/	1970-01-20 04:10:21	Name: _hjFirstSeen Value: 1
www.cybereason.com/	1970-01-20 04:10:19	Name: _hjIncludedInSessionSample Value: 0
.cybereason.com/	1970-01-20 04:10:21	Name: _hjSession_704918 Value: eyJpZCI6IjNlYjAwODJiLTg1MzEtNGVmMy05ZTgxLTQzY2Y2N2UyZDFkYSIsImNyZWF0ZWQiOjE2NTY2MTk4NjA4NjUsImluU2FtcGxlIjpmYWxzZX0=
www.cybereason.com/	1970-01-20 04:10:19	Name: _hjIncludedInPageviewSample Value: 1
.cybereason.com/	1970-01-20 04:10:21	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 04:53:31	Name: UserMatchHistory Value: AQK_2TXTX6H8-QAAAYG2PQMvwDNQkRxchICP90J01NRaZezxjCM90nycC3aURGbu7pKOyWHoCO6xJg
.linkedin.com/	1970-01-20 04:53:31	Name: AnalyticsSyncHistory Value: AQIxBs1kC8lDLwAAAYG2PQMvFsMNfm0jw9VRVrMMOVUc88LORssxr9Vy7WoWu0sZVwHCGwhbNMyzK-8IrMbSIw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:42:13	Name: bcookie Value: "v=2&f1f1dac3-a3c4-427d-8bd6-f902105aacb4"
.linkedin.com/	1970-01-20 04:11:46	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2698:u=1:x=1:i=1656619860:t=1656706260:v=2:sig=AQHSTmAzGe-HPKuRhedVJdUw373kdqKK"
.doubleclick.net/	1970-01-20 13:31:55	Name: IDE Value: AHWqTUn0nrQTRyysKLjAIokkWUE1skmGj7Po4t_S0Syxm05XudhjskdhCzcph4CH
.bidr.io/	1970-01-20 13:38:53	Name: bito Value: AAGIhE7FfAcAABCmMnvzDw
.bidr.io/	1970-01-20 13:38:53	Name: bitoIsSecure Value: ok
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:42:13	Name: bscookie Value: "v=1&2022063020110025acfa75-b0a2-4bb9-89bf-f1f52d524209AQHik-ugDSPEcf7ZDli5VIp4mFEizIlZ"
.linkedin.com/	1970-01-20 21:40:50	Name: li_gc Value: MTswOzE2NTY2MTk4NjA7MjswMjE6eCoeBrdr/iR4g6vhB6woXNOAYu0vt0iEb/yQFFH52A==
.company-target.com/	1970-01-20 21:41:31	Name: tuuid Value: 1235fbbe-0a06-48ad-a569-01ba628ca85b
.company-target.com/	1970-01-20 21:41:31	Name: tuuid_lu Value: 1656619861
www.clarity.ms/	1970-01-20 12:55:55	Name: CLID Value: 1975b072a4b64787a6bcf52a757cd069.20220630.20230630
.cybereason.com/	1970-01-20 12:55:55	Name: _clck Value: sjol2t\|1\|f2r\|0
www.cybereason.com/	1970-01-20 04:10:21	Name: drift_campaign_refresh Value: 780b3383-9cf1-4851-ae54-3b9ac8e2974b
.cybereason.com/	1970-01-20 21:41:31	Name: _ga_SSF38JVRVJ Value: GS1.1.1656619860.1.0.1656619862.60
.cybereason.com/	1970-01-20 08:29:31	Name: __hstc Value: 85683782.6236313abf3d5fcbd745cd51469f336a.1656619862173.1656619862173.1656619862173.1
.cybereason.com/	1970-01-20 08:29:31	Name: hubspotutk Value: 6236313abf3d5fcbd745cd51469f336a
.cybereason.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cybereason.com/	1970-01-20 04:10:21	Name: __hssc Value: 85683782.1.1656619862173
dpx.airpr.com/	1970-01-20 04:10:20	Name: an_airpr_recent_visit Value: 1
.adnxs.com/	1970-01-20 06:19:55	Name: uuid2 Value: 2497554874986931511
.cybereason.com/	1970-01-20 21:41:31	Name: _ga Value: GA1.2.2084144712.1656619861
.cybereason.com/	1970-01-20 04:11:46	Name: _gid Value: GA1.2.1287339195.1656619862
.cybereason.com/	1970-01-20 04:10:19	Name: _gat Value: 1
.cybereason.com/	1970-01-20 04:11:46	Name: _clsk Value: 1pe9q4p\|1656619862295\|1\|1\|b.clarity.ms/collect
.c.bing.com/	1970-01-20 13:31:55	Name: SRM_B Value: 39005CBDD88E6F31076C4D6ED95C6E8B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:31:55	Name: MUID Value: 39005CBDD88E6F31076C4D6ED95C6E8B
.c.clarity.ms/	1970-01-20 04:10:20	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/lt-v2.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10272547.fls.doubleclick.net
10428681.fls.doubleclick.net
3354902.fs1.hubspotusercontent-na1.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
api.company-target.com
app.hubspot.com
apt.techtarget.com
b.clarity.ms
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.pdst.fm
cdn2.hubspot.net
cdnjs.cloudflare.com
cpjwr04.na1.hubspotlinks.com
dpx.airpr.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
id.rlcdn.com
in.hotjar.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
lltrck.com
match.prod.bidr.io
metrics.api.drift.com
p.typekit.net
pixel.mathtag.com
pixel.sitescout.com
px.ads.linkedin.com
px.airpr.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
track.hubspot.com
trk.techtarget.com
up.pixel.ad
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
ws.zoominfo.com
www.clarity.ms
www.cybereason.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.133
104.244.42.195
13.107.43.14
142.250.184.198
142.250.186.130
143.204.215.10
143.204.215.25
143.204.215.26
143.204.215.43
143.204.215.62
143.204.215.82
143.204.215.97
151.101.193.140
178.79.242.16
18.185.197.79
199.232.136.157
2.18.233.201
20.234.93.27
20.75.32.255
2001:4860:4802:32::36
2001:4860:4802:36::36
2001:4860:4802:38::178
206.19.49.24
2606:4700:4400::6812:2a27
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:a852
2606:4700::6811:180e
2606:4700::6811:43b0
2606:4700::6811:d6cc
2606:4700::6811:e9cc
2606:4700::6811:f2cc
2606:4700::6812:1e69
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:22::14
2620:1ec:27::cafe:1806
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c07::9d
2a00:1450:401b:807::2002
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1494
2a02:26f0:3500:16::215:14a0
2a04:4e42:200::396
2a04:4e42:200::622
34.192.106.225
34.193.113.164
35.244.142.80
35.244.174.68
37.252.172.123
45.60.64.106
52.16.40.114
54.147.21.139
65.9.66.112
66.155.71.149
99.80.161.153
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01b20f3c9294790a8fe4fbf5b736fb601874ff41085a0a49d8cc2b0562ccade7
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28
06a760cd337a6f97856b60714a8cf6ad3fb80946492d50fbb1025466f26ca97c
09410642edee2a495d333f89ddf4c4a09dc9218c93de7d4d7d981117fe9d56b9
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2
0b454edb897d49bf8a73b07627b670a55f0972988094770495a308e5a5e39d1b
0c3f75f81857e502a5a33690ac077add9f4fdcdbab44dd0e8df9a378f278de88
0eb72f7db8ece3000ed103a80ad77700b4ae7abd5f9f361ab6888f93e2d216ec
0f22cf2acf8146a0114391fa869da34a4c62183bce53e066d6605bf022b12ce1
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
163eb6275eba2b44f68cb1cdf0ef5b0f417ed24aebd866c3cfef1ebf8c6ce683
18a569c479194250ed431bbecbeb6b2f91b7bc98c22d214e5cfd3f0aee4971d7
18c545256f2217ee841db63336dddc318198118b706001a05985fc1f9efc6551
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
2092c7d96ad467b4da482317b4406ad6a635567da3968480c7988548358481e1
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2ca281bdcd543e2e3559e6505c323c8d64df73f2a594a043780df3007e16d161
2cd758eab046eecb663aa71adfb547646f07ef9809ed1fb163a322c32b30ecda
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ede6a21b324d76960dbbc7036fcb5d48bd8a5d69b93f4ef0fb8266ae31fc515
30be525067a4b3b886855264b9f690bbbe8d45e7aaf1381551ce0471199a316d
327bff03815a03aa28f368d2736190b3a501918044016aade71ab4163d2c3350
34e9c01aebc2b737a17ac5c0ae80d6391d64a8ef68db7c3dffbe4cef2b7ef7b7
37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d6f7f4b5314d01b6466d5b95e62fa7387d6391273b094b6e485fee9090be427
42ca97255c160f4b6460ffeaa38a7706685eaebd5145b45191a5c9c2d7c87c1d
433e587206c31e00a841c939942db662bb0bfb58a1611a3f558e921afcfe75a6
43540081ae33f1c3921efeb0d7c6388cd5206ee7185188a3f331559222ef341e
468aaf98493ae682d8014dfe5e0ffd4428c49f8a4668a30a5fd18154d40ec738
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
48c20972edce24f03376563f318442b689a607ec9e22591be1524220725d94fa
4a9b26feeb019b0f4d31de16b470f4aefdb42ea158105601341521e0e6eb6141
4f8410f013058de27b95c5e8131036c9adaaeaabc63a5ecb90a1f9e8f181be5f
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57ee028f35cf7f6b2187f84dcef596d4404b03beccbef562477b6233bd61cc76
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
599dd661a1d9e0af96d614fab0ea7396bf06de4265029166a265c2b10cc1a1b0
59faa5a9c84137ef5dfaccb399ebc9063a50ec9cdeac395d38d42c2f715a9d48
5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229
5c8d63abd4075c4ebd692fbd02e35fb72950f214a6486607c1819d4279ad526f
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
65795809a3f9ae73c33a0130a04991c0882b94f74a1ed8fc1dca3fff21e8928d
68fdb57f77373689d189e5f4769f1cb4a5c43c8659f6770278bf689b2301c581
6a927b3ecf7e92de249172cbcd84627ba74e73bd8db15f3b3952103126ab3237
6bcc4ca1c87795c43789907a41136e491827f8fcac911ad18d0d17bdb30679b2
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6fbb8b26d99cd60bf31a3c832a71cd7e5ed40d58079adfa48f2fc7732653b705
72493a3f42ed0260f03b6ffd3ea131be38a1070845bfae24927f643a3fcf3255
72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c
72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853
7438dceeb2b7d1c7dba9f8ed551fb156574b8a20b911bdce9a615eb1cd811e54
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
7b007525d142bbc02dda59ccd34237bfa93685d7e75fe089b44ac1e8bcdef02f
7bad7e0bac49c5fa8a0c1355bff45f53623820d2f91ab5c036e447a8fd334264
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c576593d506da9fdd926b356f37bf25e7dc3938d2fc776fc85aaefd0b58777b
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
8181ebe15c6c3e9bc86cb4d209e035d3d3498dd6ef2ce3a19cd28faf744f49ed
81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8276d60cb14dcb7bf262b67edf850713d61a995f881b9fefe86118a7c9e837af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
88badf53b16ffe06a7c8c98815c8cb08635b4037feef05703226fa5b7c63a1fb
88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
95e434e341733ff433604b231b188df10130f774c53ed8f706191b6cec580cab
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d943fe5fde08d5b742d383b625031f75e3e89035369f2cde2778f4c6cf5c119
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4803d7bdeb478a5b9238fe74d8aaa98dafe2e8e68fccbd0e3f4dced823f27f0
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aa1895205efb0ef0fa4232b6289c46a12bf07b9493598c2d50d3afe6d9ce9d9d
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
aa69fadd2520bef455327ee2faafd79a6f8761fc485940b1c579ef1fe9bc6539
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac892f3c59d3f46c5ae0e739a1c31b684fbdca0cf1cba3a8394cf26f68bb1456
ad1929c116d6ba14a998e3de8cfc3e142fa091a75ee7c3574bdbfad0258f3d0e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31a46ddf5c126c1de06b9052e26831661cd9b904cd255bbb84375bcd8b688ea
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
c31a94a2a97f5b5fe19d6d4081c9c66400d9483fc65d62d4ef8ca83b5c2fb57a
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c944a902ee2dca0b6d5bf30c2507e76b6588426ffbe9b04a6bd9c70f0727abb6
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
cdb0cc0715f6956f1d044503fa5793eec23a76b79c2d74fbff3be44315f137a9
cdd92f4f344ad8f45df20000fe365c776b45b5fe29bad3dabfd16c0f8266bf05
ce881dc95896693e0f88ea5a960fe574f4e2ad7a8a05d4ff6846b29ca8143257
d1478fa19a20a462f4c461d7c2aff8a3e86945475f96f331c06e2681740aac32
d279982ef90edd594effd108c4e40326550e04992973d3b529504b70ce163219
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d8094f06152627e1ab27a06d18b2b2cd4f01bbfe5c0193d76a59ac68b15f1c42
dbd7f1d813cc432777765f0866d0e138226bee883d39f872182999519463c680
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc70b5334393eecc8c7549d4b9bd7d3977fc785afc0b808fa598245e8692f829
dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
dd8ce52adc4b0ab60f82c29ba12f25e2f6446245fc8c0b5f4bd6dab3146f9ef7
e1d17f49687e707b10a61608d1a9cc4e01ab1e3e116bb03dffb058671ee7d092
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e848ae9917b35cffb61e8be66065a1c90c628d5440a22387b617ae3ec39e33f7
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaf50dd0be48360746de27c8624174b9689a29834970fe93656ec22cc9b770c
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f24560f5b81158a42b8d38ffe5795d9959eb2308ee6780ea912a6594bb999d1e
f3f2822ba3d24c1f7f53bff8959801c644b2c1c556eb8c15ca36a86717f1ae7d
f64368e7be69abe40585911860d83acfa8b14179d3008b2594166ae4c10ec0fd
f6c5a07d99c4c7c73b6c3731a9a0bfceb6ab8b192eaf5ac6bae45899d0a1f88f
f7c6bfc2a6ecc9c6518511625c865287b5f126b4b2ec14c85962cdbdc8a19a40
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f930a09aad371b7ffc7432476473928d6a44d9eb7cc71630bfa55faf92a3dc49
f9389f24a0631d1ed558cd2a6f03ce70d1dc279674fad09c6bc88a3dd79139c6
fae97720cc87bd389d1798495de074a94dcebf3b166fbbdb8fe931b8d220e907
fbb5b43bced9867f0de741937e47bd3ae5d11089befb3478816411fab3ef6c6e
fcba0ef5c17fd435aaa6cfac66375e7bfae52f5116b7a6e126c8b0f38b841613

www.cybereason.com Open in urlscan Pro 45.60.64.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

97 %HTTPS

52 %IPv6

46 Domains

69 Subdomains

61 IPs

5 Countries

8915 kBTransfer

13585 kBSize

54 Cookies

5 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cybereason.com Open in urlscan Pro
45.60.64.106 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

97 %
HTTPS

52 %
IPv6

46
Domains

69
Subdomains

61
IPs

5
Countries

8915 kB
Transfer

13585 kB
Size

54
Cookies

207 HTTP transactions
0 data transactions