blog.gigamon.com Open in urlscan Pro
20.94.232.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sl01.gigamon.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW233OFZRW63JPGIYDEMJP...
Effective URL:
https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff...
Submission: On June 20 via api (June 20th 2022, 10:01:01 am UTC) from IE — Scanned from DE

Summary HTTP 203 Redirects Links 156 Behaviour Indicators

Summary

This website contacted 57 IPs in 6 countries across 44 domains to perform 203 HTTP transactions. The main IP is 20.94.232.253, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blog.gigamon.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 15th 2022. Valid for: a year.

This is the only time blog.gigamon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.85.73.22 54.85.73.22	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.58.51.104 52.58.51.104	16509 (AMAZON-02) (AMAZON-02)
23	20.94.232.253 20.94.232.253	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.169.199.35 18.169.199.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	54.148.139.70 54.148.139.70	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	52.31.67.18 52.31.67.18	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.81.118.86 35.81.118.86	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:b000:5:5a7c:e400:93a1	16509 (AMAZON-02) (AMAZON-02)
62	18.66.139.99 18.66.139.99	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:9b40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.17.83 108.138.17.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	34.252.147.157 34.252.147.157	16509 (AMAZON-02) (AMAZON-02)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.43.187 34.250.43.187	16509 (AMAZON-02) (AMAZON-02)
2	52.212.242.20 52.212.242.20	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.139.102 18.66.139.102	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	3.18.162.240 3.18.162.240	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.46 108.138.17.46	16509 (AMAZON-02) (AMAZON-02)
1	54.211.142.161 54.211.142.161	14618 (AMAZON-AES) (AMAZON-AES)
1	23.111.9.64 23.111.9.64	33438 (STACKPATH) (STACKPATH)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400e:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	54.74.116.255 54.74.116.255	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	54.210.20.153 54.210.20.153	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.50.170.21 52.50.170.21	16509 (AMAZON-02) (AMAZON-02)
1 2	52.222.214.93 52.222.214.93	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.57 18.66.97.57	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:27::... 2620:1ec:27::cafe:1746	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.121.14.2 3.121.14.2	16509 (AMAZON-02) (AMAZON-02)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
203	57

1 54.85.73.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-73-22.compute-1.amazonaws.com

sl01.gigamon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.51.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-51-104.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 20.94.232.253 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

blog.gigamon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.199.35 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-199-35.eu-west-2.compute.amazonaws.com

reveal.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.148.139.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-139-70.us-west-2.compute.amazonaws.com

www.gigamon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.67.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-67-18.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.81.118.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-118-86.us-west-2.compute.amazonaws.com

app.hushly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:b000:5:5a7c:e400:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2ft3xf0i1jq1c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 18.66.139.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-99.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b40 (United States)

ASN13335 (CLOUDFLARENET, US)

cookies-data.onetrust.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.147.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-147-157.eu-west-1.compute.amazonaws.com

gigamon.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

gigamon.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.43.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-43-187.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.242.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-242-20.eu-west-1.compute.amazonaws.com

gigamon.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-102.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.18.162.240 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-162-240.us-east-2.compute.amazonaws.com

id.layerfive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-46.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.142.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-142-161.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (United States)

ASN33438 (STACKPATH, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

892-wer-078.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.20.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-20-153.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.170.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-170-21.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-93.fra56.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-57.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1746 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.14.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-14-2.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 5944	722 KB
34	gigamon.com 1 redirects sl01.gigamon.com blog.gigamon.com www.gigamon.com — Cisco Umbrella Rank: 696122	1 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 8285 c.6sc.co — Cisco Umbrella Rank: 12139 ipv6.6sc.co — Cisco Umbrella Rank: 8556 b.6sc.co — Cisco Umbrella Rank: 5440	15 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 489	131 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 595 c.clarity.ms — Cisco Umbrella Rank: 1161 f.clarity.ms — Cisco Umbrella Rank: 5600	26 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 9409	40 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 6388 bootstrap.api.drift.com — Cisco Umbrella Rank: 6686	456 B
6	hushly.com app.hushly.com — Cisco Umbrella Rank: 65106	158 KB
5	omtrdc.net gigamon.sc.omtrdc.net gigamon.tt.omtrdc.net	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 389 c.bing.com — Cisco Umbrella Rank: 229	13 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 527 px4.ads.linkedin.com — Cisco Umbrella Rank: 5965	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 992 vars.hotjar.com — Cisco Umbrella Rank: 1037 in.hotjar.com — Cisco Umbrella Rank: 1674	67 KB
4	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 34891 scout-cdn.salesloft.com — Cisco Umbrella Rank: 15924 scout.salesloft.com — Cisco Umbrella Rank: 16259	4 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1357 api.company-target.com — Cisco Umbrella Rank: 3519	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	129 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 212 gigamon.demdex.net	5 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4381	59 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 432	138 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 12456	406 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 531	1019 B
2	google.de www.google.de — Cisco Umbrella Rank: 5111	564 B
2	google.com www.google.com — Cisco Umbrella Rank: 9	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125	467 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	427 B
2	layerfive.com id.layerfive.com — Cisco Umbrella Rank: 445516	340 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3918	6 KB
2	gstatic.com fonts.gstatic.com	44 KB
2	onetrust.io cookies-data.onetrust.io — Cisco Umbrella Rank: 3752	86 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1467 insight.adsrvr.org — Cisco Umbrella Rank: 660	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	clearbit.com reveal.clearbit.com — Cisco Umbrella Rank: 19577 ga.clearbit.com — Cisco Umbrella Rank: 45444	4 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 435	702 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 657	98 B
1	mktoresp.com 892-wer-078.mktoresp.com	311 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2428	257 B
1	leadlander.com tracking.leadlander.com — Cisco Umbrella Rank: 142935
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5254	18 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1015	517 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 818	457 B
1	cloudfront.net d2ft3xf0i1jq1c.cloudfront.net	262 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	70 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 953	3 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793	6 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1423	38 KB
203	44

	Domain	Requested by
62	js.driftt.com	blog.gigamon.com js.driftt.com
23	blog.gigamon.com	blog.gigamon.com
10	www.gigamon.com	blog.gigamon.com
8	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org blog.gigamon.com
6	b.6sc.co
6	app.hushly.com	blog.gigamon.com app.hushly.com
6	www.google-analytics.com	assets.adobedtm.com blog.gigamon.com www.google-analytics.com
4	metrics.api.drift.com	js.driftt.com
3	f.clarity.ms	www.clarity.ms
3	bat.bing.com	assets.adobedtm.com bat.bing.com blog.gigamon.com
3	gigamon.sc.omtrdc.net	assets.adobedtm.com blog.gigamon.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
3	static.addtoany.com	blog.gigamon.com static.addtoany.com
3	assets.adobedtm.com	blog.gigamon.com assets.adobedtm.com
2	bootstrap.api.drift.com	js.driftt.com
2	epsilon.6sense.com	j.6sc.co
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	segments.company-target.com	1 redirects blog.gigamon.com
2	match.prod.bidr.io	2 redirects
2	scout.salesloft.com	scout-cdn.salesloft.com
2	www.google.de	blog.gigamon.com
2	www.google.com	blog.gigamon.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	blog.gigamon.com
2	id.layerfive.com	d2ft3xf0i1jq1c.cloudfront.net
2	munchkin.marketo.net	blog.gigamon.com munchkin.marketo.net
2	px.ads.linkedin.com	2 redirects
2	gigamon.tt.omtrdc.net	assets.adobedtm.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cookies-data.onetrust.io	cdn.cookielaw.org
2	dpm.demdex.net	assets.adobedtm.com blog.gigamon.com
2	fonts.googleapis.com	blog.gigamon.com
1	c.bing.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	blog.gigamon.com
1	892-wer-078.mktoresp.com	munchkin.marketo.net
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	ga.clearbit.com	assets.adobedtm.com
1	scout-cdn.salesloft.com	blog.gigamon.com
1	tracking.leadlander.com	blog.gigamon.com
1	tag.demandbase.com	blog.gigamon.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	blog.gigamon.com
1	www.linkedin.com	1 redirects
1	cm.everesttech.net	1 redirects
1	gigamon.demdex.net	assets.adobedtm.com
1	static.hotjar.com	blog.gigamon.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	d2ft3xf0i1jq1c.cloudfront.net	blog.gigamon.com
1	js.adsrvr.org	assets.adobedtm.com
1	www.googletagmanager.com	assets.adobedtm.com
1	snap.licdn.com	assets.adobedtm.com
1	j.6sc.co	assets.adobedtm.com
1	maxcdn.bootstrapcdn.com	blog.gigamon.com
1	www.googleoptimize.com	blog.gigamon.com
1	reveal.clearbit.com	blog.gigamon.com
1	app.salesloft.com	1 redirects
1	sl01.gigamon.com	1 redirects
203	66

This site contains links to these domains. Also see Links.

Domain
www.gigamon.com
gigamon.force.com
gigamoncp.force.com
community.gigamon.com
jobs.jobvite.com
www.colpipe.com
www.washingtonpost.com
www.wsj.com
www.digitalshadows.com
www.crowdstrike.com
www.cybereason.com
www.eenews.net
www.dragos.com
us-cert.cisa.gov
www.reuters.com
www.whitehouse.gov
www.varonis.com
www.fireeye.com
news.sophos.com
unit42.paloaltonetworks.com
psirt.global.sonicwall.com
blog.talosintelligence.com
docs.microsoft.com
www.teamviewer.com
documentation.help
attack.mitre.org
labs.f-secure.com
github.com
www.torproject.org
redcanary.com
rclone.org
winscp.net
mega.io
www.bloomberg.com
www.lockheedmartin.com
owasp.org
www.brighttalk.com
www.twitter.com
www.youtube.com
www.facebook.com
www.linkedin.com
www.addtoany.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.gigamon.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-15` - `2023-05-16`	a year	crt.sh
clearbit.com Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.hushly.com Amazon	`2021-09-15` - `2022-10-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
onetrust.io Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
id.layerfive.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2022-02-27` - `2023-03-31`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-16` - `2023-04-14`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Frame ID: 274487A4737D6E7EE5E011C6F9D196E3
Requests: 130 HTTP requests in this frame

Frame: https://gigamon.demdex.net/dest5.html?d_nsid=0
Frame ID: 6C5B692531CBFF79321C0532FECDABFF
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: A49738F7A9DD8951414F7B8AA0709DB3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: C1F7D7AA333712B411D8F1F8C54127BE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4E54C17865B75B632F9E86C27C344213
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: AF2F8D01461972882D5EF5C9820EA9A3
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
Frame ID: 1E1C8B8F2BE4122811D9A1C7FB558CD0
Requests: 32 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=saipq4q&ref=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&upid=y0gkr84&upv=1.1.0
Frame ID: 61D2D54ED8A30187091860916D1001A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking DarkSide and Ransomware: The Network View - Gigamon BlogBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://sl01.gigamon.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW... HTTP 302
https://app.salesloft.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW... HTTP 302
https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clearbit Reveal (Analytics) Expand

Overall confidence: 100%
Detected patterns

reveal\.clearbit\.com/v[(0-9)]/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

203
Requests

98 %
HTTPS

38 %
IPv6

44
Domains

66
Subdomains

57
IPs

6
Countries

3276 kB
Transfer

8055 kB
Size

67
Cookies

156 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gigamon.com/content/gigamon/en_us/products/access-traffic/cloud-suite.html
Title: GigaVUE Cloud Suite

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/public-cloud/gigavue-cloud-suite-aws.html
Title: AWS

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/public-cloud/gigavue-cloud-suite-azure.html
Title: Azure

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/private-cloud/gigavue-cloud-suite-kubernetes.html
Title: Kubernetes

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/private-cloud/gigavue-cloud-suite-nutanix.html
Title: Nutanix

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/private-cloud/gigavue-cloud-suite-openstack.html
Title: OpenStack

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud/private-cloud/gigavue-cloud-suite-vmware.html
Title: VMware

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/detect-respond/gigamon-threatinsight.html
Title: ThreatINSIGHT

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/optimize-traffic/traffic-intelligence/gigasmart/ssl-tls-decryption.html
Title: SSL/TLS Decryption

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/optimize-traffic/application-intelligence/application-filtering-intelligence.html
Title: Application Filtering

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/optimize-traffic/application-intelligence/application-metadata.html
Title: Application Metadata

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/access-traffic/physical-nodes.html
Title: GigaVUE Appliances

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/access-traffic/physical-nodes/gigavue-hc-series.html
Title: HC Series

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/access-traffic/network-taps.html
Title: Network TAPs

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/access-traffic/traffic-aggregators.html
Title: Traffic Aggregators

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/management/gigavue-fm.html
Title: GigaVUE Fabric Manager

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/optimize-traffic/traffic-intelligence/gigasmart.html
Title: GigaSMART

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/accelerate-cloud-migration.html
Title: Accelerate Cloud Migration

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/multi-cloud.html
Title: Acquire Multi-Cloud Observability

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/assure-cloud-security-compliance.html
Title: Assure Cloud Security and Compliance

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/manage-cloud-cost-complexity.html
Title: Reduce Cloud Cost and Complexity

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/optimize-my-network-and-security-tools.html
Title: Optimize Tools Performance

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/make-network-changes-without-disruption.html
Title: Make Network Changes Without Disruption

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/network-operations.html
Title: Put NetOps Back in Control

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/security-operations.html
Title: Stronger Security Starts with Network Visibility

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/campaigns/zero-trust.html
Title: Build a Zero Trust Architecture

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/solve-soc-visibility-gaps.html
Title: Eliminate the SOC Visibility Gap

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/adversary-detection-and-hunting.html
Title: Proactively Hunt and Detect for Adversaries

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/improve-soc-ir-effectiveness.html
Title: Improve SOC and IR Effectiveness

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/industry/federal.html
Title: Federal

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/industry/financial-services.html
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/industry/healthcare.html
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/industry/IOT.html
Title: IoT, OT, ICS

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/industry/sled.html
Title: SLED

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/service-provider.html
Title: Service Providers

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/partners/technology-partners.html
Title: Technology Alliance Partners

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/partners/channel-partners.html
Title: Channel Partners

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/partners/professional-services-support-partners.html
Title: Support and Professional Services Partners

Search URL Search Domain Scan URL

URL: http://gigamon.force.com/partnerlocator
Title: Partner Locator

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/partners/channel-partners/become-a-partner.html
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://gigamoncp.force.com/partnercommunity/s/login
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/support-and-services.html
Title: Support and Services

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/policies.html
Title: Policies

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/warranty.html
Title: Warranty

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/support-and-services/contact-support.html
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/education-services.html
Title: Education Services

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/professional-services.html
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/answers-and-articles#forums
Title: Discussion Forum

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/answers-and-articles
Title: All Content

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/customers/customer-success.html
Title: View All

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/search-results.html?&t=All&sort=relevancy#t=Resources
Title: Resource Library

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/navigating-life-in-the-cloud-podcast.html
Title: Cloud Journey Podcast

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/learning-center.html
Title: Learning Center

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/ndr.html
Title: NDR Resource Center

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/resource-library/webinar-hub.html
Title: Webinars

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/company/news-and-events/events.html
Title: Events

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/company/news-and-events/newsroom.html
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/company/company-information.html
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/company/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/login/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us.html
Title: English

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/fr.html
Title: Français

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/de.html
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/jp.html
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/kr.html
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/cn.html
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/visibility-analytics-fabric.html
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/cloud.html
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/lp/free-trial/request-live-cloud-demo.html
Title: GET A DEMO

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/lp/free-trial/request-live-demo.html
Title: GET A DEMO

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/lp/demos.html
Title: GET A DEMO

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/my-gigamon
Title: MY GIGAMON

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/dam/resource-library/english/case-study---use-cases/cs-australian-national-university.pdf
Title: Australian National University

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/dam/resource-library/english/case-study---use-cases/cs-cegedim.pdf
Title: Cegedim.cloud

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/dam/resource-library/english/case-study---use-cases/cs-department-of-defense.pdf
Title: Department of Defense

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/campaigns/network-tools-efficiency.html
Title: Efficient Tools Are Happy Tools

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/resource-library/book/definitive-guide-network-visibility-and-analytics-hybrid-cloud.html
Title: Achieve Hybrid Cloud Observability

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/dam/resource-library/english/book/eb-what-is-deep-observability.pdf
Title: Deep Observability eBook

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/campaigns/deep-observability.html
Title: Supercharge Your Security and Observability Tools

Search URL Search Domain Scan URL

URL: https://jobs.jobvite.com/gigamon
Title: Join the Team

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/lp/free-trial.html
Title: DEMOS

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/contact-sales
Title: CONTACT SALES

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/products/detect-respond/gigamon-threatinsight.html
Title: network detection

Search URL Search Domain Scan URL

URL: https://www.colpipe.com/news/press-releases/media-statement-colonial-pipeline-system-disruption
Title: Colonial Pipeline

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/2021/05/08/cyber-attack-colonial-pipeline/
Title: the company preemptively shut down linked industrial control systems

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/fbi-suspects-criminal-group-with-ties-to-eastern-europe-in-pipeline-hack-11620664720
Title: linked to a

Search URL Search Domain Scan URL

URL: https://www.digitalshadows.com/blog-and-research/darkside-the-new-ransomware-group-behind-highly-targeted-attacks/
Title: at least August 2020

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/cybersecurity-101/ransomware/ransomware-as-a-service-raas/
Title: “Ransomware as a Service” or “affiliate” model

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/rise-of-double-extortion-shines-spotlight-on-ransomware-prevention
Title: “double-extortion”

Search URL Search Domain Scan URL

URL: https://www.eenews.net/stories/1060078327
Title: first notable cyber intrusion in pipeline systems

Search URL Search Domain Scan URL

URL: https://www.dragos.com/blog/industry-news/assessment-of-ransomware-event-at-u-s-pipeline-operator/
Title: ransomware

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa20-049a
Title: event

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/energy/us-fuel-supplies-tighten-energy-pipeline-outage-enters-fifth-day-2021-05-11/
Title: panic buying of gasoline

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/10/statement-by-press-secretary-jen-psaki-on-the-colonial-pipeline-incident/
Title: statements from the White House

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/colonial-pipeline-expects-to-fully-restore-service-thursday-following-cyberattack-11620917499
Title: early as May 12, 2021

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/cybereason-vs-darkside-ransomware
Title: Cyberreason Nocturnus’ overview of activity

Search URL Search Domain Scan URL

URL: https://www.varonis.com/blog/darkside-ransomware/
Title: Varonis reporting

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html
Title: An overview of recent DarkSide behaviors from FireEye

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/05/11/a-defenders-view-inside-a-darkside-ransomware-attack/
Title: Observations from incident response engagements from Sophos

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/darkside-ransomware/
Title: analysis from Palo Alto Unit 42

Search URL Search Domain Scan URL

URL: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0001
Title: CVE-2021-20016

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/11/hunting-for-lolbins.html
Title: LoLBins

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/sysinternals/
Title: Sysinternals

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
Title: PSExec

Search URL Search Domain Scan URL

URL: https://www.teamviewer.com/en-us/
Title: TeamViewer

Search URL Search Domain Scan URL

URL: https://documentation.help/PuTTY/plink-usage.html
Title: Plink

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0154/
Title: Cobalt Strike

Search URL Search Domain Scan URL

URL: https://labs.f-secure.com/tools/c3/
Title: Custom Command and Control (C3)

Search URL Search Domain Scan URL

URL: https://github.com/sense-of-security/ADRecon
Title: ADRecon

Search URL Search Domain Scan URL

URL: https://github.com/BloodHoundAD/BloodHound
Title: BloodHound

Search URL Search Domain Scan URL

URL: https://www.torproject.org/
Title: The Onion Router (TOR)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0002/
Title: Mimikatz

Search URL Search Domain Scan URL

URL: https://redcanary.com/blog/rclone-mega-extortion/
Title: reporting from researchers at Red Canary

Search URL Search Domain Scan URL

URL: https://rclone.org/
Title: Rclone

Search URL Search Domain Scan URL

URL: https://winscp.net/eng/download.php
Title: WinSCP

Search URL Search Domain Scan URL

URL: https://mega.io/
Title: Mega.io

Search URL Search Domain Scan URL

URL: https://github.com/meganz/MEGAcmd
Title: MEGAcmd

Search URL Search Domain Scan URL

URL: https://github.com/meganz/MEGAsync
Title: MEGAsync

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2021-05-10/cyber-sleuths-blunted-pipeline-hack-choked-data-flow-to-russia?sref=ylv224K8
Title: leveraged cloud hosting infrastructure

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/2021/05/10/colonial-pipeline-gas-oil-markets/
Title: specifically from Digital Ocean

Search URL Search Domain Scan URL

URL: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Title: Cyber Kill Chain

Search URL Search Domain Scan URL

URL: https://owasp.org/www-community/attacks/Credential_stuffing
Title: credential stuffing

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/
Title: MITRE ATT&CK

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/products/visibility-analytics-fabric.html
Title: Gigamon visibility fabric

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/04/21/nearly-half-of-malware-now-use-tls-to-conceal-communications/
Title: increasingly leverage SSL/TLS

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/products/optimize-traffic/traffic-intelligence/gigasmart/ssl-tls-decryption.html
Title: Gigamon for TLS inspection

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/15843/486080
Title: Register here >>

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/group/0F91O0000009cNHSAY/security
Title: Security

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/resources/resource-library/white-paper/wp-sans-2022-ransomware-defense-report.html

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/15843/529451?utm_source=Blog&utm_medium=webinar&utm_campaign=22Q1_NA-US_IDM_WBR_Ransomware_BT-ActualTech-Ransomware-Best-Practices-Replay

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/resources/resource-library/white-paper/wp-gti-tls-ssl.html

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/campaigns/ransomware.html

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/company/company-information/management.html
Title: Leadership Team

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/legal.html
Title: Legal Resources

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/contact-us/office-locations.html
Title: Offices

Search URL Search Domain Scan URL

URL: https://community.gigamon.com/gigamoncp/s/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/contact-sales.html
Title: Contact Sales

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/products/software-licensing.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/support/terms-and-conditions.html
Title: Product and Support Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/solutions/service-provider/5g.html
Title: 5G Solutions

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/resources/deep-observability.html
Title: Deep Observability Defined

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/dam/resource-library/english/data-sheet/cc-gigamon-product-comparison.pdf
Title: Gigamon Product Comparison

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/campaigns/ransomware.html
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/lp/visualyze-user-conference.html
Title: Visualyze Cloud Visibility Conference

Search URL Search Domain Scan URL

URL: https://www.twitter.com/gigamon

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC6Vd7BRPT3wDE9DkEJNYinA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gigamon/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gigamon

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/terms-agreement.html
Title: Terms & Agreement

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/content/gigamon/en_us/security-disclosure.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.gigamon.com/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sl01.gigamon.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW233OFZRW63JPGIYDEMJPGA2S6MJXF52HEYLDNNUW4ZZNMRQXE23TNFSGKLLBNZSC24TBNZZW63LXMFZGKLLUNBSS23TFOR3W64TLFV3GSZLXF47XK5DNL5ZW65LSMNST2YTEOIWWK3LBNFWCMZC7OV2GWPJQGAZGCN3GMYZS2ZJVGZSC2NDEGU4C2YJWMJSS2OBZME2GIYRQGA2WEMJS/blog-gigamon-com-2021-05-17-tracking-darkside-and-ransomware-the-network-vi HTTP 302
https://app.salesloft.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW233OFZRW63JPGIYDEMJPGA2S6MJXF52HEYLDNNUW4ZZNMRQXE23TNFSGKLLBNZSC24TBNZZW63LXMFZGKLLUNBSS23TFOR3W64TLFV3GSZLXF47XK5DNL5ZW65LSMNST2YTEOIWWK3LBNFWCMZC7OV2GWPJQGAZGCN3GMYZS2ZJVGZSC2NDEGU4C2YJWMJSS2OBZME2GIYRQGA2WEMJS/blog-gigamon-com-2021-05-17-tracking-darkside-and-ransomware-the-network-vi HTTP 302
https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://cm.everesttech.net/cm/dd?d_uuid=87136677559445283780447548100031058619 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrBFVwAAAFesJANe

Request Chain 73

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12%26utm_source%3Dbdr-email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3831156%26time%3D1655719255486%26url%3Dhttps%253A%252F%252Fblog.gigamon.com%252F2021%252F05%252F17%252Ftracking-darkside-and-ransomware-the-network-view%252F%253Fd_utk%253D002a7ff3-e56d-4d58-a6be-89a4db005b12%2526utm_source%253Dbdr-email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12%26utm_source%3Dbdr-email&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12%26utm_source%3Dbdr-email&liSync=true&e_ipv6=AQJcT32ZerzU3AAAAYGAjuABeQt25aEZ2F7OwsISxM6g__RFoa2L5Fq8Q0Q4SVs0QKS4cHfgjnVIj9LtcaW4giakHGmHGQ

Request Chain 100

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg&verifyHash=585b00f0394e90aa2e9ebb84febfed78679f4dfe

Request Chain 121

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&RedC=c.clarity.ms&MXFR=0B3DD49F0AE26EC720CCC5560EE26023 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&MUID=34A5E669DD1C61D01340F7A0DCCE60DC

203 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/
Redirect Chain

https://sl01.gigamon.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW233OFZRW63JPGIYDEMJPGA2S6MJXF52HEYLDNNUW4ZZNMRQXE23TNFSGKLLBNZSC24TBNZZW63LXMFZGKLLUNBSS23TFOR3W...
https://app.salesloft.com/t/101350/c/56473c5a-45dc-452a-a95f-b7314784c0fa/NB2HI4DTHIXS6YTMN5TS4Z3JM5QW233OFZRW63JPGIYDEMJPGA2S6MJXF52HEYLDNNUW4ZZNMRQXE23TNFSGKLLBNZSC24TBNZZW63LXMFZGKLLUNBSS23TFOR3...
https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

136 KB
30 KB

932ms
438ms

Document
text/html

20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 8bbcee206b32c385c31c893d46d3252ea5b88bbc13c4acf7adb4184d571104bf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 10:00:54 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.26

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 220
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Jun 2022 10:00:53 GMT
Location: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 1618a56f6cf73ba8b21a275136710a9a
X-Runtime: 0.054376
X-XSS-Protection: 1; mode=block

GET
H2 200 reveal Show response
reveal.clearbit.com/v1/companies/ 2 KB
1 KB 314ms
261ms Script
application/javascript 18.169.199.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_b132cd96807d0b8a9a93de49949f5dc1&variable=reveal

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.199.35 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-199-35.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

163b12031c5a3803d6791044c42f5bcc01675ec6a746e709eebc5b54c6214992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2018-03-28
vary: Accept-Encoding
x-account-id: 97bf1490-906f-4f60-970e-379b131b8ec2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 97 KB
38 KB 51ms
16ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NJ59WXH

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de89cbbd14daf219a675ae9dfbaec585ad4406a58878a1afd50fa9639ca6cb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38774
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 10:00:54 GMT

GET
H/1.1 200
OK i17xl.js Show response
blog.gigamon.com/wp-content/cache/wpfc-minified/2c5h8fe1/ 202 B
503 B 160ms
159ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/2c5h8fe1/i17xl.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: b07d46063eb26b4665aba201fb16d0377b00cbfadd541c0274c5333f340ec477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 18:08:35 GMT
Server: nginx
ETag: W/"62683523-ca"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 launch-998be3cabc13.min.js Show response
assets.adobedtm.com/c82e2088a759/3b64889e0c2d/ 477 KB
124 KB 69ms
13ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ba276950627b9533a533197b10f92e6675ff9ba0f9a43fae92715183ab2deb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 06:13:48 GMT
server: AkamaiNetStorage
etag: "9771c090598193b16b68a536b2a8c816:1655273628.343374"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.gigamon.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 126656
expires: Mon, 20 Jun 2022 11:00:54 GMT

GET
H/1.1 200
OK i17xl.css
blog.gigamon.com/wp-content/cache/wpfc-minified/9k56tri4/ 494 KB
90 KB 323ms
163ms Stylesheet
text/css 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/9k56tri4/i17xl.css
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 093c5fc8801303cec13a29b0c0336ebac08424f9eb285f0bfd49cd3208efd968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 18:08:35 GMT
Server: nginx
ETag: W/"62683523-7b9fb"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
6 KB 63ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css?ver=5.8.2

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 81320
cdn-cachedat: 2021-08-02 19:09:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b617f2db7185e51b12a3028f302ece41
cf-ray: 71e3a8fc5b0e2355-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 47ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700&ver=5.8.2

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 08:23:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 10:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 10:00:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
776 B 47ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C700%3B1%2C400&display=swap&ver=5.8.2

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6057aff4b7013d7d1449abf35f70fccf4223aa063cb37aa6ee0f3f5ea29d014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 10:00:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 10:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 10:00:54 GMT

GET
H/1.1 200
OK i17xl.css
blog.gigamon.com/wp-content/cache/wpfc-minified/ma4t8nd1/ 17 KB
5 KB 624ms
312ms Stylesheet
text/css 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/ma4t8nd1/i17xl.css
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: a3b968f9e4a689e5e201c76fbac4aa938a81bfd4efae20b3eb12b22f47947576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 18:08:35 GMT
Server: nginx
ETag: W/"62683523-43e6"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 73ms
35ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92126
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 71e3a901bf17020d-ZRH
cf-bgj: minify

GET
H/1.1 200
OK i17xl.js Show response
blog.gigamon.com/wp-content/cache/wpfc-minified/mjmtbocj/ 99 KB
38 KB 649ms
322ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/mjmtbocj/i17xl.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 08b71676cab1511c70dfd06d4d02bd7479ae6dd57380ba8fe30684d08711665f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 18:08:35 GMT
Server: nginx
ETag: W/"62683523-18b1d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK i17xl.js Show response
blog.gigamon.com/wp-content/cache/wpfc-minified/992dit7t/ 3 KB
2 KB 798ms
316ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/992dit7t/i17xl.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 7738674678ed4ccfbd2cf59fce20ef460374a267a115755177ee00f3912d49a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2022 18:08:35 GMT
Server: nginx
ETag: W/"62683523-c49"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gigamon-logo-white.svg
www.gigamon.com/content/dam/website-assets/icons/ 4 KB
3 KB 665ms
306ms Image
image/svg+xml 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/icons/gigamon-logo-white.svg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6c96f281c608a304b6424aa52261b114c36226f78062446f6ac513c751938c5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
content-encoding: gzip
x-content-type-options: nosniff
age: 10573363
x-vhost: gigamon
date: Mon, 20 Jun 2022 10:00:55 GMT
content-disposition: attachment; filename="gigamon-logo-white.svg"
content-length: 2080
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Jan 2020 19:44:39 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1109-59b2d6c7517c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 navthumb-anu-logo.png.imgo.png
www.gigamon.com/content/dam/website-assets/customers/ 29 KB
30 KB 666ms
308ms Image
image/png 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/customers/navthumb-anu-logo.png.imgo.png

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ee89d95117140f3beccf075a232f1ad550f3ba1b4140558da8d24c68bffd35df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 18:07:32 GMT
server: Apache
age: 10166003
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 29551
etag: "736f-5d89f390b6100"

GET
H2 200 navthumb-cegedim-cloud.png.imgo.png
www.gigamon.com/content/dam/website-assets/customers/ 16 KB
17 KB 819ms
462ms Image
image/png 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/customers/navthumb-cegedim-cloud.png.imgo.png

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c40fececba16222c9966bb1cd461f167083f00b56902f37674df56738581c0c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 18:07:36 GMT
server: Apache
age: 10165999
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 16611
etag: "40e3-5d89f39486a00"

GET
H2 200 navthumb-dept-defense.png.imgo.png
www.gigamon.com/content/dam/website-assets/customers/ 10 KB
11 KB 513ms
155ms Image
image/png 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/customers/navthumb-dept-defense.png.imgo.png

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4b16ef712f5637c1e1cb635c0a1f4ed8164c42ec6d40781c4c293e57bb819881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 18:07:36 GMT
server: Apache
age: 10165999
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 10612
etag: "2974-5d89f39486a00"

GET
H2 200 featured-nav-thumb-net-calculator.jpg.imgo.jpg
www.gigamon.com/content/dam/website-assets/thumbnails/ 6 KB
7 KB 799ms
463ms Image
image/jpeg 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/thumbnails/featured-nav-thumb-net-calculator.jpg.imgo.jpg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e899e2caae4ad860dcd75b23f54757f28edc17668106fd5c01a29cc6649146ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 17:00:52 GMT
server: Apache
age: 5936403
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 6481
etag: "1951-5dc7800d99900"

GET
H2 200 navthumb-def-guide-2022.jpg.imgo.jpg
www.gigamon.com/content/dam/website-assets/thumbnails/ 24 KB
25 KB 747ms
463ms Image
image/jpeg 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/thumbnails/navthumb-def-guide-2022.jpg.imgo.jpg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d7192cbdf920d1507d2c01a6de21033c443615a7bce93a628c3ea59b62475e99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 19:42:49 GMT
server: Apache
age: 8864286
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 24573
etag: "5ffd-5d9ce4d6c8040"

GET
H2 200 navthumb-eb-networkcloud.jpg.imgo.jpg
www.gigamon.com/content/dam/website-assets/thumbnails/ 27 KB
28 KB 382ms
381ms Image
image/jpeg 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/thumbnails/navthumb-eb-networkcloud.jpg.imgo.jpg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e1736d07e12e0d9ffd919b0c839ac70e535ac986640cbe8536b91d4c6fbcb621

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Fri, 08 Apr 2022 18:00:10 GMT
server: Apache
age: 6278445
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 28149
etag: "6df5-5dc285d8ede80"

GET
H2 200 navthumb-elevator-campaign.jpg.imgo.jpg
www.gigamon.com/content/dam/website-assets/thumbnails/ 11 KB
11 KB 382ms
382ms Image
image/jpeg 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/thumbnails/navthumb-elevator-campaign.jpg.imgo.jpg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

69f17557e054f28f03eb92e3388e972e13c99224549cb9088bbb38336499482f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Fri, 08 Apr 2022 17:03:14 GMT
server: Apache
age: 6281861
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 10829
etag: "2a4d-5dc2791f2d880"

GET
H2 200 nav-thumb-greatplace.png.imgo.png
www.gigamon.com/content/dam/website-assets/thumbnails/ 34 KB
35 KB 382ms
381ms Image
image/png 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/thumbnails/nav-thumb-greatplace.png.imgo.png

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

396c8ddd0313efc5fa48b81cf0a6cfeea05e3e62da4859c807ff98bb71634237

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 00:58:15 GMT
server: Apache
age: 10573360
date: Mon, 20 Jun 2022 10:00:55 GMT
x-vhost: gigamon
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 34645
etag: "8755-5d84060acd7c0"

GET
H/1.1 200
OK gigamon-blog-logo.svg
blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/ 13 KB
14 KB 338ms
160ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/gigamon-blog-logo.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 74d2d77d9c416a257559608f10f298a0e32fc8180cac67dd596d5e14d2f4f3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: "623a2062-3572"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13682

GET
H/1.1 200
OK magnifying-glass.svg
blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/ 1 KB
1 KB 363ms
155ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/magnifying-glass.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c88179c16659e0da35d9cac18a633b3456b8031f699eb262ac7caee141409bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: "623a2062-4e4"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1252

GET
H/1.1 200
OK group-435.png
blog.gigamon.com/wp-content/uploads/2020/08/ 22 KB
23 KB 159ms
159ms Image
image/png 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2020/08/group-435.png
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a1221f4215707c1dccd6a0b68f95210ddda3c42e3c613e633e69f33cf2b5095

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Wed, 29 Sep 2021 18:32:58 GMT
Server: nginx
ETag: "6154b15a-58e7"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22759
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK blog-ebook-icon.svg
blog.gigamon.com/wp-content/uploads/2020/08/ 1 KB
1 KB 156ms
156ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2020/08/blog-ebook-icon.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 10fc2ba363025beddd6891257637b38f8acdb74f87ab426c25c7fdeee393f0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Mon, 24 Aug 2020 03:10:08 GMT
Server: nginx
ETag: "5f432f90-48c"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1164

GET
H/1.1 200
OK carat-orange.svg
blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/ 281 B
516 B 159ms
158ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/carat-orange.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34bdaa2f3129b41801dd8d081e70bbc878e14f4381708caa7378a2cb555a3a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: "623a2062-119"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK blog-webinar-icon.svg
blog.gigamon.com/wp-content/uploads/2020/08/ 1 KB
1 KB 160ms
159ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2020/08/blog-webinar-icon.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 4303e6bd813d907078a56b9e42c455f5c9c0dc3b7dbfee0c06ee5b1a242d942a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Last-Modified: Mon, 24 Aug 2020 03:10:09 GMT
Server: nginx
ETag: "5f432f91-436"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1078

GET
H/1.1 200
OK blog-webpage-icon.svg
blog.gigamon.com/wp-content/uploads/2020/08/ 3 KB
3 KB 160ms
160ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2020/08/blog-webpage-icon.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 727ab1a34e2bdc5419c1244497484c344755657d4d218f76339f5cfe88c68a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Last-Modified: Mon, 24 Aug 2020 03:10:09 GMT
Server: nginx
ETag: "5f432f91-baa"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2986

GET
H/1.1 200
OK arrow-top.svg
blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/ 4 KB
4 KB 346ms
159ms Image
image/svg+xml 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/images/arrow-top.svg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 300021deaa8115b341eeb1f237e192726651c84f00f49468c71d1262d1cd8881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: "623a2062-ed0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3792

GET
H/1.1 200
OK jquery.min.js Show response
blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/ 84 KB
33 KB 324ms
323ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/jquery.min.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: W/"623a2062-14e4a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK global-navigation-pagelibs.min.js Show response
blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/ 431 KB
108 KB 162ms
161ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/global-navigation-pagelibs.min.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c76e18433f0e08ea398573b3c73c094a787440c91c5dc3a5133c93fb2f7201b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: W/"623a2062-6bb45"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK munchkin.js Show response
blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/ 556 B
667 B 160ms
159ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/munchkin.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6eaa27ccc7461522c8457c065c8645ea08b62f67789e5867e20b073e5531a314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: W/"623a2062-22c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wpFeatherlight.pkgd.min.js Show response
blog.gigamon.com/wp-content/plugins/wp-featherlight/js/ 14 KB
6 KB 161ms
159ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 17:27:03 GMT
Server: nginx
ETag: W/"623b5867-37db"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
blog.gigamon.com/wp-includes/js/ 1 KB
1 KB 601ms
160ms Script
application/javascript 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Nov 2021 18:28:03 GMT
Server: nginx
ETag: W/"619be133-592"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3366
date: Mon, 20 Jun 2022 09:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 11:04:49 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 366 B
1 KB 764ms
168ms XHR
application/json 52.31.67.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=39F6555A58A470C30A495EF7%40AdobeOrg&d_nsid=0&ts=1655719254594

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.67.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-67-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b17f7e4ceb718f74753d75cf5489f853d201a91559c0958f07fbd8a557972478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v034-0467c4b8c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: xwmeO6ebTQk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://blog.gigamon.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 19ms
17ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Mon, 20 Jun 2022 11:00:55 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 20ms
18ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 20 Jun 2022 11:00:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: igWDzlg6IqHj/kzRZsZI//TzSSK2YvY8Ml3t1oNA5NZPNcYzZt/8aG4fydlM65pyW1j9L6FRgFTclwIpg5xD/w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 10:00:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 58ms
13ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 20 Jun 2022 10:00:55 GMT

GET
H2 200 widget.js Show response
app.hushly.com/runtime/ 1 KB
2 KB 551ms
164ms Script
text/javascript 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/widget.js?aid=5356
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0e418b814ca71ed5a1519dec2a128e242fda6e41b5b5bf0d0e87c88dcd0c63dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript;charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 56ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=36270
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8TBBTSEV1P

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25db7fc5b7bc34f20b5fb5b550cdd53e5499d0d360e3c76f7954f11d9b95e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70822
x-xss-protection: 0
expires: Mon, 20 Jun 2022 10:00:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 88ms
41ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jaQOgzI9+ZkWZRPB/GIusQ==
age: 5812
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Mon, 20 Jun 2022 02:30:24 GMT
server: cloudflare
etag: 0x8DA5264D4970233
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bc800a0-c01e-002d-3450-845b26000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a8fdacfd01e7-ZRH

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 72ms
16ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 20 Jun 2022 04:18:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 20558
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: Ss6bULyoxl_zsLwVOxLuavbdq0gg-n_q_m8hV2YAzlfEQhBCH_7EDA==

GET
H2 200 5fc926c9-20d0-43e4-8b00-fe761c3e5ba6.json Show response
cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/ 4 KB
2 KB 72ms
46ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1db6323f1a318464d5da05930d4bf5fa4b83c3f56668724db74e852fb245f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Saw9m4W2WDkKBqLxJNZJYw==
vary: Accept-Encoding
content-length: 1594
x-ms-lease-status: unlocked
last-modified: Sat, 30 Apr 2022 02:00:51 GMT
server: cloudflare
etag: 0x8DA2A4D40A37CFC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 704a3d0a-201e-00a4-1c49-5ce202000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a8fe1d68cc5a-ZRH
expires: Mon, 20 Jun 2022 14:00:54 GMT

GET
H2 200 sp.js Show response
d2ft3xf0i1jq1c.cloudfront.net/ 261 KB
262 KB 38ms
13ms Script
application/javascript 2600:9000:2491:b000:5:5a7c:e400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2ft3xf0i1jq1c.cloudfront.net/sp.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:b000:5:5a7c:e400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5aca4287b01a75b27ddd18dc06a8090a94f274f8bd8e4180036671982f5d93b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:46 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
last-modified: Tue, 18 May 2021 05:17:12 GMT
server: AmazonS3
age: 9
etag: "1b0c2e686a2ed37e5cc8e9ed04666667"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P7
content-length: 267715
x-amz-cf-id: D0UHNOKQK70mYt9nHG7sK8JgKD1Cfj8eUuoGRizrFIb9KqBYnGbyfg==

GET
H2 200 iu3bua46tv44.js Show response
js.driftt.com/include/1655719500000/ 210 KB
59 KB 208ms
147ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1655719500000/iu3bua46tv44.js

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

7ce39788e0d5748b7aae96377e74954f63bad1a7468b3db5505bf0937b85e288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rOG3SE0qL8NYavRP7w8qRZc8o2Xt3kcx
content-encoding: gzip
etag: W/"aa5cd23a2ead9b56133b281532aaa424"
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 15:46:18 GMT
server: nginx
date: Mon, 20 Jun 2022 10:00:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WgifdUupXcEcNCf2pleazsIQKdTfY9sg_TEnrq7Mlq6sAu3F3Vaugg==

OPTIONS
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame 0
0 381ms
26ms Preflight
application/json 2606:4700:4400::ac40:9b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: domainid,location,url
Access-Control-Request-Method: GET
Origin: https://blog.gigamon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-ray: 71e3a900a9da2397-ZRH
content-length: 0
content-type: application/json
date: Mon, 20 Jun 2022 10:00:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 domaingroupcheck Show response
cookies-data.onetrust.io/bannersdk/v1/ 17 B
86 B 41ms
40ms XHR
application/json 2606:4700:4400::ac40:9b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1aabe1212b2f9cb8f6a547454bd4e5f4773485e3e001b327e501ba3e0e77cc7

Request headers

location: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer: https://blog.gigamon.com/
url: blog.gigamon.com
accept-language: de-DE,de;q=0.9
domainId: 5fc926c9-20d0-43e4-8b00-fe761c3e5ba6

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 71e3a900da2c2397-ZRH
access-control-allow-headers: Content-Type
content-length: 17

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 77ms
43ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:54 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 71e3a8feadff23f7-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 26ms
26ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 4392
vary: Accept-Encoding
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d89fe3b5-901e-0071-140d-6aaadf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a9017af501e7-ZRH

POST
H/1.1 201
Created popular-posts Show response
blog.gigamon.com/wp-json/wordpress-popular-posts/v1/ 55 B
952 B 311ms
310ms XHR
application/json 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.gigamon.com/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/992dit7t/i17xl.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / PHP/7.4.26

Resource Hash

3325158bfffc5ad9f3236ba45c981e92cae9d83b6e135819aeb9130be73f1ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.26
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET, POST
Server: nginx
X-WP-Nonce: 3dca9796bc
Vary: Origin
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://blog.gigamon.com
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Link: <https://blog.gigamon.com/wp-json/>; rel="https://api.w.org/"
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 hotjar-2625414.js Show response
static.hotjar.com/c/ 4 KB
2 KB 40ms
6ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2625414.js?sv=5

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-83.fra56.r.cloudfront.net

Software

Resource Hash

884974b9e7eb0dae98b937218dc1cf34824de48106b0e1c2051c28d012e66743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 30
etag: W/88536aeb0115d08dcd317a662b7d509b
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: d62oz5Vz1X1cybYPgVkJGrxL17QiM1Mv2atQP6KtmIuJcUWE-TKq9w==
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)

GET
H2 200 gig-sprite-sheet.svg
www.gigamon.com/content/dam/website-assets/icons/ 27 KB
7 KB 719ms
462ms Image
image/svg+xml 54.148.139.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gigamon.com/content/dam/website-assets/icons/gig-sprite-sheet.svg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/9k56tri4/i17xl.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.139.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-139-70.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9591e432631631d59610fb5be9e0dfbc88dc5016da6c15d05661d60e32e36da6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://content.gigamon.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest2
content-security-policy: frame-ancestors 'self' https://content.gigamon.com
content-encoding: gzip
x-content-type-options: nosniff
age: 10573519
x-vhost: gigamon
date: Mon, 20 Jun 2022 10:00:55 GMT
content-disposition: attachment; filename="gig-sprite-sheet.svg"
content-length: 6806
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 16:05:49 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "6aec-5be72b4989140-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes

GET
H/1.1 200
OK feature-library-abstracts-GettyImages-664390100.jpg
blog.gigamon.com/wp-content/uploads/2020/06/ 660 KB
660 KB 377ms
318ms Image
image/jpeg 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2020/06/feature-library-abstracts-GettyImages-664390100.jpg
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fb630c114a56f644c46a0590f839981140e41283316fc54391dcf999fac3ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Mon, 24 Aug 2020 03:08:58 GMT
Server: nginx
ETag: "5f432f4a-a4e3a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 675386
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C700%3B1%2C400&display=swap&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.gigamon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 492830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:07:05 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v24/ 13 KB
13 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C700%3B1%2C400&display=swap&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e08d3b01f0f250bb8618a14e1bacc5a5ff12ead175f372a8286f1990c1b9921e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.gigamon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:16:01 GMT
x-content-type-options: nosniff
age: 492294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:16:01 GMT

GET
H/1.1 200
OK Montserrat-SemiBold.woff2
blog.gigamon.com/wp-content/themes/gigamonblogvfour/fonts/montserrat/ 76 KB
76 KB 286ms
159ms Font
font/woff2 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/wp-content/cache/wpfc-minified/9k56tri4/i17xl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: eeb13fabaa09bbfe590dc746c4fd65d426739d872eca723db51879a1ba86ac40

Request headers

Referer: https://blog.gigamon.com/wp-content/cache/wpfc-minified/9k56tri4/i17xl.css
Origin: https://blog.gigamon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Tue, 22 Mar 2022 19:15:46 GMT
Server: nginx
ETag: "623a2062-130b4"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78004

GET
H/1.1 200
OK joe-slowik-150x150.png
blog.gigamon.com/wp-content/uploads/2021/05/ 33 KB
33 KB 495ms
311ms Image
image/png 20.94.232.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.gigamon.com/wp-content/uploads/2021/05/joe-slowik-150x150.png
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.94.232.253 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d1614a80108efba5244fa069b1df188c819b37b62809654ba379f68559f2dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Last-Modified: Wed, 29 Sep 2021 18:32:42 GMT
Server: nginx
ETag: "6154b14a-8339"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33593
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dest5.html Show response
gigamon.demdex.net/ Frame 6C5B 7 KB
3 KB 589ms
150ms Document
text/html 34.252.147.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gigamon.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-147-157.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v034-0a50a7dd7.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VNXi5lsQTnE=
content-encoding: gzip
date: Mon, 20 Jun 2022 10:00:55 GMT
last-modified: Wed, 8 Jun 2022 13:40:06 GMT
vary: accept-encoding

GET
H2 200 id Show response
gigamon.sc.omtrdc.net/ 2 B
317 B 392ms
129ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gigamon.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=39F6555A58A470C30A495EF7%40AdobeOrg&mid=86714306726289836710471809548733381686&ts=1655719255379

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-658967d5d4-r8mcz
vary: Origin
x-c: main-1649.I02425a.M0-575
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YrBFVwAAAFesJANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=87136677559445283780447548100031058619
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrBFVwAAAFesJANe

42 B
945 B

172ms
172ms

Image
image/gif

52.31.67.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrBFVwAAAFesJANe

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

HTTP/1.1

Server

52.31.67.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-67-18.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-020703e21.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UZia3OFnRmg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrBFVwAAAFesJANe
Date: Mon, 20 Jun 2022 10:00:55 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
gigamon.tt.omtrdc.net/rest/v1/ 350 B
719 B 114ms
36ms XHR
application/json 52.212.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigamon.tt.omtrdc.net/rest/v1/delivery?client=gigamon&sessionId=ec77b821d57740579eed5ed804722232&version=2.3.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.242.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-242-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7a33c3961295b7b40a3fba1b2a9ddd5431ad0578292cb6363078c48eee84d260

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blog.gigamon.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 7887806a74df34f94654555aa56b05b7

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame A497 741 B
534 B 78ms
78ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1583483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 71e3a9025827020d-ZRH
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 10:00:55 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/4d5169dc-5b7b-4e2a-909e-dec0d5f5c7cf/ 86 KB
17 KB 45ms
45ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/4d5169dc-5b7b-4e2a-909e-dec0d5f5c7cf/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba1c362ee0416d18e8737b399eb671ffad3326c66f2bed46277659238f3c8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eX2U3PvNY71A9pbL6n4H6w==
vary: Accept-Encoding
content-length: 17586
x-ms-lease-status: unlocked
last-modified: Sat, 30 Apr 2022 02:00:58 GMT
server: cloudflare
etag: 0x8DA2A4D45127023
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a6bf32cb-f01e-0061-2343-5c9c39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a90269cacc5a-ZRH
expires: Mon, 20 Jun 2022 14:00:55 GMT

GET
H2 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19190826
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 71e3a9026843020d-ZRH
cf-bgj: minify

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 63 KB
20 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.62

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e547fe50a764e43c4a31eee65d715869f35c7ad8d781584453561b87c4fcf7f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20460
x-xss-protection: 0
pragma: public
x-fb-debug: w4PgctkT6X0EH6aVNFprL3JOD/SiruhtKYdA76vuv4AJ2OS8aG01gJkMDv4CCv4wem/DC/HeckkSISSbiGjRpw==
x-frame-options: DENY
date: Mon, 20 Jun 2022 10:00:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 679529899803173 Show response
connect.facebook.net/signals/config/ 287 KB
83 KB 74ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/679529899803173?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9540158da66c236639d9e8e783cf4caa8b172094f1f3410ecfe8ea6a1146d996

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8YEZCeebr7v0ti6JUpPFVr3Tja9yMje2DfAuocdNHxIviC6DC6bVdr6cdrdoYJZ+u7NOe/Zw9rZXaGFEV2n9dg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 10:00:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655719255511
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 10 KB
3 KB 47ms
47ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GnBP1Tj0YWr4Qdbm7JUdUA==
vary: Accept-Encoding
content-length: 2586
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:25 GMT
server: cloudflare
etag: 0x8DA3822AFC3B334
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 44ddc324-e01e-00b2-4c22-6a239c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a902ca27cc5a-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 53 KB
12 KB 49ms
49ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NS4/Ql3sVfXAVIyb20II4w==
vary: Accept-Encoding
content-length: 12384
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:27 GMT
server: cloudflare
etag: 0x8DA3822B13BA01A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 74a33a64-801e-0161-4d22-6ada6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71e3a902ca29cc5a-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 21 KB
4 KB 48ms
48ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 217b6ea2-401e-0133-7d22-6ac79e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71e3a902ca2acc5a-ZRH

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D00...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3831156%26time%3D1655719255486%26url%3Dhttps%253A%252F%252Fblog.gigamon.com%252F2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D00...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D0...

0
263 B

181ms
157ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12%26utm_source%3Dbdr-email&liSync=true&e_ipv6=AQJcT32ZerzU3AAAAYGAjuABeQt25aEZ2F7OwsISxM6g__RFoa2L5Fq8Q0Q4SVs0QKS4cHfgjnVIj9LtcaW4giakHGmHGQ
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 195DCC545E5348459636265932594E51 Ref B: FRAEDGE1213 Ref C: 2022-06-20T10:00:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXh3i4djVJivLeEmcwzTw==
x-li-fabric: prod-ltx1

Redirect headers

date: Mon, 20 Jun 2022 10:00:55 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A7FA0A246E89461A857BA29307C2D88B Ref B: FRAEDGE1121 Ref C: 2022-06-20T10:00:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3831156&time=1655719255486&url=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Fd_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12%26utm_source%3Dbdr-email&liSync=true&e_ipv6=AQJcT32ZerzU3AAAAYGAjuABeQt25aEZ2F7OwsISxM6g__RFoa2L5Fq8Q0Q4SVs0QKS4cHfgjnVIj9LtcaW4giakHGmHGQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXh3i4a0nkK68bU/tpuRw==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 131ms
25ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/wp-content/themes/gigamonblogvfour/scripts/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ 243 KB
63 KB 33ms
7ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2625414.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-102.fra60.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 954530
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nLiPJeuc8liUSbJ4VxaSQBAHUJg1liMz5NtL8DybMc9eZzjRk3H9ig==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8TBBTSEV1P&gtm=2oe6f0&_p=1681148256&_z=ccd.v9B&cid=56360436.1655719255&ul=en-us&sr=1600x1200&_s=1&sid=1655719255&sct=1&seg=0&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&dt=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TBBTSEV1P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tp2 Show response
id.layerfive.com/com.snowplowanalytics.snowplow/ 2 B
340 B 324ms
108ms XHR
text/plain 3.18.162.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.layerfive.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2ft3xf0i1jq1c.cloudfront.net
URL: https://d2ft3xf0i1jq1c.cloudfront.net/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.162.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-162-240.us-east-2.compute.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://blog.gigamon.com
date: Mon, 20 Jun 2022 10:00:56 GMT
access-control-allow-credentials: true
server: akka-http/10.1.10
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
id.layerfive.com/com.snowplowanalytics.snowplow/ Frame 0
0 332ms
108ms Preflight 3.18.162.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.layerfive.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.162.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-162-240.us-east-2.compute.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.gigamon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://blog.gigamon.com
access-control-max-age: 5
content-length: 0
date: Mon, 20 Jun 2022 10:00:56 GMT
server: akka-http/10.1.10

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 14ms
14ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Wed, 28 Sep 2022 10:00:56 GMT

GET
H2 200 15az4bIb.min.js Show response
tag.demandbase.com/ 66 KB
18 KB 77ms
7ms Script
application/javascript 108.138.17.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/15az4bIb.min.js

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-46.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

05c3e6ab5a2570eee92443a74d3959606f0cfff3f003e8676fc39bde55f709de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: eg69lyLKthz4GXfEvFSt0raJW.ptRTui
content-encoding: gzip
etag: W/"5ef8704bbf4fa599b79676971b7f838e"
age: 1846
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 16:40:49 GMT
server: AmazonS3
date: Mon, 20 Jun 2022 09:47:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: Vg4Ju--xYq-M5dKG7NcJCldDz58ryjsCMf6HYqmgkjAvLnrsYrbSGg==

GET
H2 403 lt-v2.min.js
tracking.leadlander.com/ 0
0 357ms
99ms Script
text/html 54.211.142.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.leadlander.com/lt-v2.min.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.142.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-142-161.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 37ms
6ms Script
application/javascript 23.111.9.64
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 9SVBW5D96YRE9MKH
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
x-cache: HIT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-type: application/javascript
x-amz-id-2: TJb5kk747mxuKnEXbz29tQJ1sQvSyNxbKJRGG3lU673YkggVe65g8ewEE/Oj2Z9B3Nwl0O+gsQY=

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3366
date: Mon, 20 Jun 2022 09:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 11:04:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 20ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681148256&t=pageview&_s=1&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&ul=en-us&de=UTF-8&dt=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACEABBAAAAC~&jid=526286638&gjid=1249444055&cid=56360436.1655719255&tid=UA-4605772-1&_gid=1475881461.1655719255&_r=1&_slc=1&z=924256176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ga.clearbit.com/v1/ 6 KB
2 KB 429ms
411ms Script
application/javascript 18.169.199.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.clearbit.com/v1/ga.js?authorization=pk_b132cd96807d0b8a9a93de49949f5dc1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.199.35 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-199-35.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

701d838c52ce1bebf032d7e5f48f0bffb81f1991b6b8446a7cd46b12c761b76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2018-03-28
vary: Accept-Encoding
x-account-id: 97bf1490-906f-4f60-970e-379b131b8ec2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 74ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C474EAA843D43D1BAE5EBB9B806EDFA Ref B: FRAEDGE1211 Ref C: 2022-06-20T10:00:56Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 20 Jun 2022 10:00:55 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 30ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679529899803173&ev=PageView&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&rl=&if=false&ts=1655719255888&sw=1600&sh=1200&v=2.9.62&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1655719255887.500267009&it=1655719255438&coo=false&exp=p1&rqm=GET

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 20 Jun 2022 10:00:56 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 38ms
38ms Image
image/svg+xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LpuayL42jB78xRllx0vkOw==
age: 8350
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 20 Jun 2022 02:30:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7f950f06-001e-00d5-4e52-84903b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71e3a905aa6f01e7-ZRH

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=526286638&gjid=1249444055&_gid=1475881461.1655719255&_u=aGHACEAABAAAAC~&z=1857149558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 20 Jun 2022 10:00:55 GMT
content-type: text/plain
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame C1F7 2 KB
1 KB 33ms
6ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2625414.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-117.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1736809
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id: 9qeoK7IakaJVckbhM-Un2h4RqFlHkWG_zIYR87Vtn36hcVNUPZ5GeA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 widget-862458c95f6d6678570d584214f4c95b.js Show response
app.hushly.com/assets/ 408 KB
121 KB 322ms
322ms Script
application/javascript 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/assets/widget-862458c95f6d6678570d584214f4c95b.js
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/runtime/widget.js?aid=5356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ae960ac9e3e93430d614027a7388c692d5374d914c60f1db80efc6a6fc36a665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 06:06:50 GMT
etag: "widget-862458c95f6d6678570d584214f4c95b.js"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
content-length: 123308

GET
H2 200 s71629831741381
gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.0-LCS4/ 43 B
246 B 135ms
134ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.0-LCS4/s71629831741381?AQB=1&ndh=1&pf=1&t=20%2F5%2F2022%2010%3A0%3A56%201%200&sdid=293B8B3E72B9C2F1-7DAAB9C22726FE3E&mid=86714306726289836710471809548733381686&aamlh=6&ce=UTF-8&pageName=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&g=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&cc=USD&ch=Gigamon%20Blog&v0=bdr-email%7C%7C%7C%7C&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=D%3DpageName&v2=D%3Dg&c4=post&v14=OVPN.com&v15=ovpn.com&v16=Internet%20Software%20%26%20Services&v17=1-10&v19=company&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=39F6555A58A470C30A495EF7%40AdobeOrg&AQE=1

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
x-c: main-1649.I02425a.M0-575
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 21 Jun 2022 10:00:56 GMT
server: jag
xserver: anedge-658967d5d4-vd7jd
etag: 3555630030065991680-4619833553196908568
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 19 Jun 2022 10:00:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 59ms
31ms Image
image/gif 2a00:1450:400e:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=526286638&_u=aGHACEAABAAAAC~&z=1940111790

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 66ms
45ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=526286638&_u=aGHACEAABAAAAC~&z=1940111790

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2625414/ 148 B
322 B 101ms
35ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2625414/visit-data?sv=5
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3dca05421db1a4f3c0518f74af0e01b2e8092fc76f735e1fc65b85686f12008d

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2625414 Show response
vc.hotjar.io/sessions/ 0
257 B 71ms
35ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2625414?s=0.25&r=0.22126740731210548
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 8tHuLFIR9I-9qiI-ORyyaKxvqYMk00T7EOg3FL7F__soUyftxoQE0g==

POST
H/1.1 200
OK visitWebPage
892-wer-078.mktoresp.com/webevents/ 2 B
311 B 572ms
95ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://892-wer-078.mktoresp.com/webevents/visitWebPage?_mchNc=1655719256078&_mchCn=&_mchId=892-WER-078&_mchTk=_mch-gigamon.com-1655719256077-61630&_mchHo=blog.gigamon.com&_mchPo=&_mchRu=%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=39F6555A58A470C30A495EF7%40AdobeOrg%3A6%3A86714306726289836710471809548733381686&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbdr-email__-__d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: cc557c5f-b88d-44dc-a0ce-99ec877cf809

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
403 B 319ms
98ms XHR
application/json 54.210.20.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDEzNTB9.WMfPsOO7_onkPSjHoloulOWneH55r0TIi2W9PLjZC8c

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.210.20.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-20-153.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.gigamon.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 130f07ef52b032dff9527851f354aa0c

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg&verifyHash=585b00f0394e90aa2e9ebb84febfed78679f4dfe

26 B
409 B

189ms
188ms

Image
image/gif

52.222.214.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg&verifyHash=585b00f0394e90aa2e9ebb84febfed78679f4dfe
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: HTTP/1.1
Server: 52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-93.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 4c53873837af7aa3
X-Amz-Cf-Id: 9kmWhW3Ano135RE4ccouXpdAysBqL0zvL1igrZweEsNXaUYIf8Gaww==

Redirect headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAdx_E7FYIsAABUBgMeHsg&verifyHash=585b00f0394e90aa2e9ebb84febfed78679f4dfe
Connection: keep-alive
trace-id: df75b44c8d98531d
Content-Length: 0
X-Amz-Cf-Id: 1z0NA_t-MUIbhFk9tX8WTqNqxZF2btRQJJTkINs1eUvTKs8FqTavrQ==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 39ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
1 KB 76ms
49ms XHR
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&page_title=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&src=tag&auth=v1lsrOQEcQSxKjvkLSbHxo7Ne6PPaFKqfuRfHxBL
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/15az4bIb.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-57.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0330acb1c867714838b204d8df4cadf4d1faa30285fc047d8fb258c5e71cc250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 4a818ec5-edbe-4a09-8667-33a285c8346a
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blog.gigamon.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PRNzlRBuemAD98yNmgqPAG8XRtrbDa0MCEIg05y4-8F5QcoWVimglA==
expires: Sun, 19 Jun 2022 10:00:56 GMT

GET
H2 200 17486718.js Show response
bat.bing.com/p/action/ 219 B
474 B 144ms
144ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17486718.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a3a8087a0937a2b6798e19d510d9769893a825753ac78bedb65e47d679b31a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B5C144D926D4E1D912E697D9C05A145 Ref B: FRAEDGE1211 Ref C: 2022-06-20T10:00:56Z
date: Mon, 20 Jun 2022 10:00:55 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
175 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17486718&tm=al001&Ver=2&mid=54aa8159-1ab2-47a9-acfe-dae0ac5f7a7a&sid=e09f42c0f07f11ecaa73d1d471ee1243&vid=e09f5020f07f11ecbfb20f5496460b42&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&p=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&r=&lt=3219&pt=1655719252716,,,,,762,762,773,773,1255,931,1256,1693,1695,1697,3151,3151,3219,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=754580

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B733DFA2ED9443E289CFA74B62AA0D3F Ref B: FRAEDGE1211 Ref C: 2022-06-20T10:00:56Z
date: Mon, 20 Jun 2022 10:00:55 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17486718 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 176ms
119ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17486718
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17486718.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c79476a033a0b0cab3dffb04460ab3d1ad291ca1f8811265e2489fbab3b1b50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
x-powered-by: ASP.NET
x-azure-ref: 0WEWwYgAAAABS2Gfyv1QYRrAtrcTg8V+1Q1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
content-length: 1542
expires: -1

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4E54 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://blog.gigamon.com
Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://blog.gigamon.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 10:00:56 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
511 B 98ms
98ms XHR
application/json 54.210.20.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.210.20.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-20-153.compute-1.amazonaws.com

Software

Resource Hash

549447d49d2c07668dd36c059802573c7cd2d867d401246bba09eeb125b7378f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.gigamon.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 6d5cfeba7b71ae08b374c7d9075fb56a

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.34/ 53 KB
23 KB 111ms
110ms Script
application/javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17486718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:55 GMT
content-encoding: br
etag: "1d880d11ff3a854"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0WEWwYgAAAABt9qqoHimOSJ2LocyyA9GkQ1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1681148256&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&ul=en-us&de=UTF-8&dt=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHHACEADBAAAAC~&jid=177517292&gjid=983768927&cid=56360436.1655719255&tid=UA-4605772-1&_gid=1475881461.1655719255&_r=1&cd1=company&cd4=OVPN.com&cd2=ovpn.com&cd5=Internet%20Software%20%26%20Services&cd3=1-10&z=256276994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1681148256&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&ul=en-us&de=UTF-8&dt=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHHACEADBAAAAC~&jid=&gjid=&cid=56360436.1655719255&tid=UA-4605772-1&_gid=1475881461.1655719255&cd1=company&cd4=OVPN.com&cd2=ovpn.com&cd5=Internet%20Software%20%26%20Services&cd3=1-10&z=23524112

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 23:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37926
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1681148256&t=pageview&_s=2&dl=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&ul=en-us&de=UTF-8&dt=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHACEADBAAAAC~&jid=&gjid=&cid=56360436.1655719255&tid=UA-4605772-1&_gid=1475881461.1655719255&cd1=company&cd4=OVPN.com&cd2=ovpn.com&cd5=Internet%20Software%20%26%20Services&cd3=1-10&z=369042091

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 23:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37926
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=177517292&gjid=983768927&_gid=1475881461.1655719255&_u=aHHACEADBAAAAC~&z=1923334532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 20 Jun 2022 10:00:56 GMT
content-type: text/plain
access-control-allow-origin: https://blog.gigamon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 60ms
32ms Image
image/gif 2a00:1450:400e:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=177517292&_u=aHHACEADBAAAAC~&z=1886725232

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4605772-1&cid=56360436.1655719255&jid=177517292&_u=aHHACEADBAAAAC~&z=1886725232

Requested by

Host: blog.gigamon.com
URL: https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/?utm_source=bdr-email&d_utk=002a7ff3-e56d-4d58-a6be-89a4db005b12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
702 B 31ms
10ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 10:00:56 GMT
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77400347-997a-4823-8dde-e2d8934c0c68
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blog.gigamon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
372 B 49ms
13ms XHR
text/plain 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66050fc997aede5fc99786dcf7cd5707faa0ba90eb9fed31b64cc2ee3c52d610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://blog.gigamon.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
282 B 59ms
14ms XHR
text/html 2a02:26f0:6c00:296::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 180dc092ac5450f477719b623c2e46ec229fe6741bc241403828d506329587f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://blog.gigamon.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3d00:1012:c1f7:bc11:6d6e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 36
expires: Mon, 20 Jun 2022 10:00:56 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame AF2F 2 KB
1 KB 1085ms
1085ms Document
text/html 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1655719500000/iu3bua46tv44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 10:00:57 GMT
etag: W/"548021a05f36bc222b127047648c1541"
last-modified: Fri, 17 Jun 2022 15:46:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-id: 1vK-ljXejHfzmrv25cqnS0STS6rrzhgApl8Bu6H9dgXMt2Mq2yCtUw==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: 69dKGDB.1fm8.HyI7x2nlMQXZKWs4XjK
x-cache: Hit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1E1C 2 KB
1 KB 113ms
113ms Document
text/html 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1655719500000/iu3bua46tv44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 10:00:56 GMT
etag: W/"548021a05f36bc222b127047648c1541"
last-modified: Fri, 17 Jun 2022 15:46:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-id: IVilV84UW7ZsL06W5t6UX-PkHEOQF26pdMBTPspzBxzGjTRcoz74pw==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: 69dKGDB.1fm8.HyI7x2nlMQXZKWs4XjK
x-cache: RefreshHit from cloudfront

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 61D2 0
182 B 102ms
32ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=saipq4q&ref=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&upid=y0gkr84&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.gigamon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 20 Jun 2022 10:00:56 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&RedC=c.clarity.ms&MXFR=0B3DD49F0AE26EC720CCC5560EE26023
https://c.clarity.ms/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&MUID=34A5E669DD1C61D01340F7A0DCCE60DC

42 B
368 B

26ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&MUID=34A5E669DD1C61D01340F7A0DCCE60DC
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 10:00:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DE002DB7B7A4C758E343C1C813158AA Ref B: FRAEDGE1211 Ref C: 2022-06-20T10:00:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=DA66838F0E914E0EADB395CE73FEDD13&MUID=34A5E669DD1C61D01340F7A0DCCE60DC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 256ms
219ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 423 B
406 B 23ms
10ms XHR
application/json 3.121.14.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.14.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-14-2.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
Authorization: Token ddf12392dbe4d5adfc648c6b186ba049c40f03c4
EpsilonCookie: cfd5ce17809100005745b062df0100006e8bae01

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://blog.gigamon.com
access-control-allow-credentials: true
content-length: 221

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 43ms
9ms Preflight 3.121.14.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.14.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-14-2.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://blog.gigamon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://blog.gigamon.com
access-control-max-age: 1800
date: Mon, 20 Jun 2022 10:00:56 GMT
server: nginx

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 253ms
226ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=cfd5ce17809100005745b062df0100006e8bae01&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3d00%3A1012%3Ac1f7%3Abc11%3A6d6e%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
176 B 318ms
95ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://blog.gigamon.com
date: Mon, 20 Jun 2022 10:00:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 widget-86616d5946edd9a2cd99f210fd4931af.css
app.hushly.com/assets/ 68 KB
12 KB 159ms
159ms Stylesheet
text/css 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/assets/widget-86616d5946edd9a2cd99f210fd4931af.css
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-862458c95f6d6678570d584214f4c95b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ecb4cf1400337bb3e1f8d6e9c312534a7e4a786832b909799c1d26373371861e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 06:06:50 GMT
etag: "widget-86616d5946edd9a2cd99f210fd4931af.css"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
content-length: 11705

POST
H2 200 5356 Show response
app.hushly.com/runtime/widgets/ 4 KB
2 KB 532ms
218ms XHR
text/javascript 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/widgets/5356
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-862458c95f6d6678570d584214f4c95b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 083b0832515f53148d9ef152e470ed36d71ce10c43f4e1be3070b354eb0e08cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://blog.gigamon.com
date: Mon, 20 Jun 2022 10:00:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 5356 Show response
app.hushly.com/runtime/visitor/ 40 B
695 B 186ms
186ms Script
text/javascript 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/visitor/5356?callback=hushlyVisitorCallback&sid=14ee7e1c-7b6f-410a-a8d6-54d34935a2cf&vid=0ab5d081-7be0-4d6e-a592-256a0562d13f&version=2&hly-ip-address=&_=1655719256652
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-862458c95f6d6678570d584214f4c95b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d785c60ec544292beae331726c9dcaf35475e1002ae85820b9e33737e7a01d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
cache-control: max-age=31536000, public
x-robots-tag: noindex
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 s75707829802248
gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.0-LCS4/ 43 B
140 B 150ms
150ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.0-LCS4/s75707829802248?AQB=1&ndh=1&pf=1&t=20%2F5%2F2022%2010%3A0%3A56%201%200&mid=86714306726289836710471809548733381686&aamlh=6&ce=UTF-8&pageName=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&g=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&cc=USD&ch=Gigamon%20Blog&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=D%3DpageName&v2=D%3Dg&c3=Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog&v3=D%3Dc3&c4=post&v14=OVPN.com&v15=ovpn.com&v16=Internet%20Software%20%26%20Services&v17=1-10&v19=company&v30=Low&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=39F6555A58A470C30A495EF7%40AdobeOrg&lrt=137&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
x-content-type-options: nosniff
x-c: main-1649.I02425a.M0-575
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 21 Jun 2022 10:00:56 GMT
server: jag
xserver: anedge-658967d5d4-wdtps
etag: 3555630028636618752-4619859225916633631
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 19 Jun 2022 10:00:56 GMT

POST
H2 200 delivery Show response
gigamon.tt.omtrdc.net/rest/v1/ 365 B
724 B 32ms
32ms XHR
application/json 52.212.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigamon.tt.omtrdc.net/rest/v1/delivery?client=gigamon&sessionId=ec77b821d57740579eed5ed804722232&version=2.3.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.242.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-242-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 065f804ec42d116cce1997d3c08e536f682ac1685d6de6ab43b8cbd6cf94dcd8

Request headers

Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jun 2022 10:00:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blog.gigamon.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 279bf175aa2f7df7d67d8cb3ce99bdcb

POST
H2 204 collect Show response
f.clarity.ms/ 0
25 B 325ms
198ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://blog.gigamon.com
date: Mon, 20 Jun 2022 10:00:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 runtime~main.b3a0ca5d.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:29 GMT
server: nginx
etag: W/"69f8b5fdba551ac6e2dbfc311c6548f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6daTpdR8xHxzp4XWU.Ic3TEw1ssUepbq
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H-_jh8i3gZTZOg9PQ-70tmt6F4Vrnhy9ugYAJWQWjavZ79Ke3G85AA==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 35 KB
13 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FjPE-qHRgBWbkitjRkq1TRaOgouoM1uMRBgaUy0084c2kpxPi9Tu_Q==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 7 KB
3 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jhpaPoCoeZg3iAEYxdX4Hr1BxXagmk3ULkiRrGr-gBKicu_fzoIbsQ==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 47 KB
14 KB 7ms
6ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tGhWWq-CM85qDu57JMSkMGN2voOkBHVMBq--5ui6NdjInH7ktsK4gQ==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 44 KB
13 KB 7ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J46tXeUnqRNAJhTKfhA0fw33EnOW24pc7qO_lHq1605hMIDCHNog2A==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 25 KB
8 KB 8ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zMQL07x8USh61N_-G9V__sjlaiS05HgjgQw00MACAXCYsLdehkJnuA==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 16 KB
5 KB 8ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dufLIj4y4o_OF-V9Q0L32lABSitlFE3Ikfss8BUPYo3cNtW0OhAp1g==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 74 KB
23 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6gQKY2Z4WlMksLZdIWb2FJrblhtgX_rJ2FcJ3eTxudmj-DXq_PRscQ==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 59 KB
19 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uc_E8kEskqnNvi0GlagElZpMs-GgBNr4tJ0W6bK4MjsIWe_gtOkhqQ==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 91 KB
28 KB 10ms
9ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gAInXwmGepf2-69o7Z4MjY9vdhWHBj-8_JLMx2jlxsa2DmB_QcQaMA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 23 KB
7 KB 10ms
10ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: adlz0EKQGhOvrWZCQ0iSqxz6pFywu3cWTL2QR1EUPB7B7CRrHWn30g==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 62 KB
20 KB 11ms
11ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pRSX4WsEi6yjjud7hEk0RbRDPM2bej1Cm6NGmKQFA2ZofgtaC71qkg==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 105 KB
34 KB 12ms
11ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ilWMIYqTBHTuNqkBnTUfP5jHyChhxlxSfSYInG8fkZwr2CoJprRBwg==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 12 KB
4 KB 13ms
13ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nPi-KvKWnX-k-0iZkkfEv1AReAuwX0dJc9SEb691rhbX-v2ejoHrgQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 12 KB
5 KB 14ms
14ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5sZAlTF2CYg_OEjMvuLDrWJv67JBG1bLtbix7RcEZ_dP2s-D8GxRmg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 17 KB
7 KB 14ms
14ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -dmiWZPKtgo2AmZKSEPP-JTnQfDuRnUIJE60BkmJI4eB8UEONRwplQ==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 11 KB
3 KB 14ms
14ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0MFnibAf4gQEP8HQIx7sZTv7KwRY9MIcj4ltTE6NM8G1Qm6KDMB0mQ==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 70 KB
22 KB 14ms
14ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fXKfnlfjOiCYcniPFh020Ga1gbbLmGuM5KV_b1Gxb8kr0jzWlWv82Q==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 24 B
667 B 15ms
15ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TBvY8KvDrMQWHQDk_95tUhz1V6lQM-Ng3qH1cqiBtXgpvfBezR8Avw==

GET
H2 200 17.3f0b9ace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 78 KB
20 KB 16ms
15ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.3f0b9ace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fc1b69d2d46a8b9cd77ca44b344c39a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6w3rkEH8f0AxCr0_I6dnTuo.LuWYHxbE
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4vsxGWjs9i-d7YDcE34bV5lCGbFFTYVrRylcVbX48ajDSteLVSMBFg==

GET
H2 200 24.424a0721.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 47 KB
13 KB 16ms
16ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.424a0721.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"8dc35338012f228e661545170673b0ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: va_EyNdsZjSRy0VIugBwqZ6uxWhBKMTQ
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G7TSnNuIAVRrehlGmHfR71_MKP58BNNHtGa6ACE_6xD3eZSGN4n8Pg==

GET
H2 200 15.b47cc4a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 40 KB
13 KB 17ms
17ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b47cc4a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"ea7cb1975200446203d5380d96bcb52c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rgpUPBH8l30iCkNptICZb1R4wFf8Hw2S
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tu2-prNvHeeMM79Na5NPmrjvYYr44ukJTSCdFDJydzlvfKkOKRsS_w==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 3 KB
1 KB 7ms
7ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pDgWOASMN9_NDbkmryYYC4K2HoZ50omL
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: USW1_TYZgZ1eFmTj_PhzJoeYWfEKc_w6nM_dRJd2c-aatUhbbjOQGA==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 3 KB
2 KB 7ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 243978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:30 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HvgZCV9LNyT7x7vVdSj885BtX9dyNytM
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZrNmyuAYJaGJs7MrXXMsCPNZCFuv0ZWSsgyV4j7h5QZhghS2am6nEQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 9 KB
3 KB 7ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 3487403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a9oWwtNQSBdL5tmsZW9U0LOHcgLR6fRPmWVw_f5MctSnG7k7JDHUVA==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 7 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qCJlHTNUr2HFRH6Ajng7Ce3aN.cZgspN
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 19GXZppkJ6H-ixlTAcUMKFn6vIDcySFU9M6NRUHGrNjQaHsMZah90w==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 54 KB
16 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5X0O2ApU5vgBeUnxDu8Cb4hnMjQt6Q5W
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4cUMegZFSLCltThy0VEG9DLuJnj7gA40ECvoDQE4COv-rHhVrzzYkg==

GET
H2 200 1.2a811815.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 43 KB
7 KB 9ms
8ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.2a811815.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 243978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:27 GMT
server: nginx
etag: W/"cffa309af51f35e8b5792ddf3e06a80b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VUaHAxuPIr8zCHoCffr5ySO3Had_qiEc
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vKCqjb2WuuI_rD-7OWnKT7TravWmbmtKCVbpq5mtoFqLUd_Fa5L2-g==

GET
H2 200 1.703eaedc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 73 KB
25 KB 9ms
9ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.703eaedc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

653623f60084fd90a4b77c27ef32e61b8c2bd9d79c0a89862fab02050acb45cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"dc64944623f982a6b9f90826280c904a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Z5QgxW_TRh0NIcTxSkJlyHAMlampKTw
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ZYec-YJzW9Z0JBdihMQlLEBFjab7KJ-nFY60FXi59e62-PrEgcDYw==

GET
H2 200 32.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 1E1C 12 KB
3 KB 10ms
9ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D63PtXL5bP.wpWr.uBaG9A4P_yKmwfSx
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Q983-qUxYFxcohCAppktXfsTXS2Kq2cE03JkYY63tKP-dQyvPsgmg==

GET
H2 200 32.08d8dedf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E1C 11 KB
5 KB 10ms
10ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.08d8dedf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655719254411
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"566a10802a29d81a470d77eb56b23265"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: q1XXFzMgigoPtwIuvu5JzvITbp4A1Agn
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JMzZNvrFWphTfEuhk0Ng14SnT_yQV_bgEd81C06qwUV-wnYRGvku8A==

GET
H2 200 5356 Show response
app.hushly.com/runtime/countries/ 75 KB
20 KB 185ms
184ms Script
text/javascript 35.81.118.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hushly.com/runtime/countries/5356?callback=hushlyCountriesCallback&_=1655719256653
Requested by: Host: app.hushly.com
URL: https://app.hushly.com/assets/widget-862458c95f6d6678570d584214f4c95b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.118.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-118-86.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 68b4b6fc343811ef9268a786ba1a6d45532277051d2db7804896df2b58a9b429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:00:57 GMT
content-encoding: gzip
cache-control: max-age=31536000, public
x-robots-tag: noindex
vary: Accept-Encoding
content-type: text/javascript

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 219ms
218ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=cfd5ce17809100005745b062df0100006e8bae01&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A55%20GMT%22%2C%22timeSpent%22%3A%222176%22%2C%22totalTimeSpent%22%3A%222176%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:57 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.b3a0ca5d.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:29 GMT
server: nginx
etag: W/"69f8b5fdba551ac6e2dbfc311c6548f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6daTpdR8xHxzp4XWU.Ic3TEw1ssUepbq
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hk2KsJ8tHQQZd0J3sbeQDllxOfSOgBkmd9cLxHPlN27DM54iQG4ZJQ==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 35 KB
13 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2Uw06L2BeX8GFQVq7d1tVQiwR56itVB2TIp-Tjma_ZUTLgvFz0plcw==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 7 KB
3 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JxVXxODwrfjofN1hD43y5KsiDczS_H9SzCYSb-DmPegtPgigod3wVQ==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 47 KB
14 KB 7ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LIZURU7Vwn0Ak6FdAO6vLAaLzha3hHsYnnEGPDa5mu9aEXbiMMRNSg==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 44 KB
13 KB 8ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H2DfM9FAk61spfuNu4LJfzXl3gPZrARhQSfFXI-fjnFInLzblkxvrg==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 25 KB
8 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Amf645gCtQMo0YfTQ3aWCqlx_1wWmgOHBEWnLA9RKpQrJf5yA9Dqdg==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 16 KB
5 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F9rf_E_lUE7UVHx9hbAHMzX0e-IUHoDBjaL0zKNWI-PpoXqeppA2qQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 74 KB
23 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NWCxvIimxtB7yN_7ELMes5_KI7lm0t4XlL11zlhqhV0iRl27NwWi_g==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 59 KB
19 KB 10ms
9ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -eUGkzoBIZUkdPpsj3N8Et6lZrkK_PVMh7SryekWVUlqWQoPEWyRXw==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 91 KB
28 KB 10ms
9ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5oiRrF-EM8vVItT0zlSSrqa1ko5sJDJlcxZTlU1HmtUZpcrdOPHf6A==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 23 KB
7 KB 11ms
10ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mere4p-sVqYkEDlvj_nGLL-DxUC_vIlwa_k6g7hTpgYynsRANddcMw==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 62 KB
20 KB 11ms
10ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q1mfnQvEATVbOXNAi5XXCIxjP5jU-xt-ab04qF3smjL-D0vQ5Ci1OA==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 105 KB
34 KB 12ms
11ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pdwHqt2lJHDi1S44iid1I3pz5BtcEZioCk_dEfDg0YZMTbzoOs0zzQ==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 12 KB
4 KB 12ms
11ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4FLyC1yOHpx2uNzIoVS2SHPj7lzuUwWXOxVSzfXAMx9yg0bsCxcyPg==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 12 KB
5 KB 13ms
12ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pNlwCS8wl93j-LWJZxds3X5V-DL3I6MuUUpZ2MQzMtxSzBvoH56hpA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 17 KB
7 KB 13ms
12ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6762xTcL0NRO6SKy5Erh8O3mZiywCcnaXQZAI6tYYWZiIzjhQ0EXOg==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame AF2F 11 KB
3 KB 13ms
12ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZbK0oCYdqTVD29JBtab2fQUJt1fUDNBO59XqMB4HcTnj3IOefqQe_A==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 70 KB
22 KB 14ms
13ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ToLDEt8nuWcwy7gdtTBgvp6r3g5oHAbYerfQvhZnnfTWl9p3qu69g==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame AF2F 24 B
666 B 14ms
13ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
age: 914468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IPiou_mMixG5aHc5SAWtHrWPhgf1ZSwwDjT5Ga1OPK2wW8fic7qZjA==

GET
H2 200 17.3f0b9ace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 78 KB
20 KB 15ms
14ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.3f0b9ace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fc1b69d2d46a8b9cd77ca44b344c39a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6w3rkEH8f0AxCr0_I6dnTuo.LuWYHxbE
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dlDn16Skiuzl23IN_zlmbRwQ8nivRoWRt2hv2j-ti3Kjxbr0XAOFRA==

GET
H2 200 24.424a0721.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 47 KB
13 KB 15ms
15ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.424a0721.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"8dc35338012f228e661545170673b0ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: va_EyNdsZjSRy0VIugBwqZ6uxWhBKMTQ
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3C9tSsSTdBIN3z9RAFBXDNcxgF5x87NS6PV2AeUzTPFcvl-gLxk7Ag==

GET
H2 200 15.b47cc4a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 40 KB
13 KB 16ms
16ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b47cc4a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"ea7cb1975200446203d5380d96bcb52c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rgpUPBH8l30iCkNptICZb1R4wFf8Hw2S
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lbf4M2P9xzhyKO-L_IhZ-drsZ-EtthxweEgPR5HREzLsVRejj7VLdQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 9 KB
3 KB 7ms
6ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 3487403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 89YGsJBwyK3Isa0QcoEXm4WSPBIuQ8mmZyAbdJC1fJkVzj0CTqHOHg==

GET
H2 200 26.a5fa75d7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 33 KB
10 KB 7ms
7ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a5fa75d7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"07c533e32590bc52ac1b137167ac3d81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Om6KhJpoRUYTr7Om8uqiUaVuwIdIX9mR
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VnxyB6Hjfeho0smZntSa67MEjtDqEn1WR4XCTrspKmhBhDG4nk9UBw==

GET
H2 200 27.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame AF2F 8 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 914467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlq0zBG2KT_EHoSQ.8VBH19dO.kmmlfU
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5H11eTbrV1mrDs0O8zfYTNagOYMeGEbiY23JKJxq-E0jjdoPPUSCbQ==

GET
H2 200 27.cae93f43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 12 KB
5 KB 8ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.cae93f43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"5277c592e20a97f12101fb9221e1083d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RRKwz_zWe9zBFE0ke3ga_KW8r9kULuha
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a-hysUn3dx9KywxovFc3kgEUSYnzFzzEX6phJerv8Hcdng4wwsEKug==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame AF2F 365 B
1006 B 8ms
8ms Stylesheet
text/css 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:38:41 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
age: 1041736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: L3VGtilyy25ajd6juXICRdarj04czsmC
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ShYmS9zuke9HYaWphx6j6utyj5o2lJigef22W8U08iYIlXA7pVrt7Q==

GET
H2 200 19.3e3f9111.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AF2F 87 KB
24 KB 9ms
8ms Script
application/javascript 18.66.139.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.3e3f9111.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-99.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c1b1fa0d1bd18fded151783314b2ff0e0e331d0b834a802b556de1188b0190c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=db54d69d-5b0c-4748-b9ed-52c2d08a192a&sessionStarted=1655719256.663&campaignRefreshToken=b47b7fd9-349c-41f6-aa30-1c429ad2a9e0&hideController=false&pageLoadStartTime=1655719254411&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 238489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"3d2db6ec92b78995faa183006f204b50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OlwPf5h5MTo.GrftkVN7H1MHuFTAK0BH
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P4
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WuhWoS23we1DcCuuAS2iexgSq46J2NP0n5R0YLnMOEY3XkPknB5a7g==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame AF2F 25 B
123 B 113ms
112ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 10:00:58 GMT
server: istio-envoy
requestid: 32beb5362673df6a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 321ms
100ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 20 Jun 2022 10:00:58 GMT
requestid: drift0c8a9d84d49b0bdf72ea06f7a09
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame AF2F 147 B
245 B 104ms
103ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

d00c7f38c7dceaf454fadd16d59fd550808cbea824993d87a6407ba16e28cf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 10:00:58 GMT
server: istio-envoy
requestid: 5cb168d83f65d5c5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 314ms
103ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 20 Jun 2022 10:00:58 GMT
requestid: drifta87ee604d42af82f8d0b7051ba2
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 240ms
239ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=cfd5ce17809100005745b062df0100006e8bae01&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A57%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%223181%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.gigamon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://blog.gigamon.com
date: Mon, 20 Jun 2022 10:00:58 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 211ms
210ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=cfd5ce17809100005745b062df0100006e8bae01&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A58%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224182%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:00:59 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame AF2F 25 B
88 B 110ms
110ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 10:01:00 GMT
server: istio-envoy
requestid: 4658e1196f8c6af2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 100ms
98ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 20 Jun 2022 10:01:00 GMT
requestid: driftf81edf8455799e1430227030459
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 212ms
211ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=cfd5ce17809100005745b062df0100006e8bae01&session=4ad6505b-9821-492b-8bc1-1ad292d0bfa0&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A01%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2020%20Jun%202022%2010%3A00%3A59%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%225184%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20deliver%20visibility%20and%20analytics%20on%20all%20data-in-motion%20across%20the%20hybrid%20cloud%20network%20to%20solve%20for%20critical%20security%2C%20performance%20and%20budget%20requirements%20%E2%80%93%20freeing%20you%20to%20accelerate%20digital%20innovation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&pageViewId=f816206d-43d9-4253-8262-bc2b8355a25f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.gigamon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 10:01:00 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gigamon.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 08:14:31	Name: demdex Value: 87136677559445283780447548100031058619
.gigamon.com/	1969-12-31 23:59:59	Name: AMCVS_39F6555A58A470C30A495EF7%40AdobeOrg Value: 1
.blog.gigamon.com/	1970-01-20 21:26:31	Name: _ga Value: GA1.3.56360436.1655719255
.blog.gigamon.com/	1970-01-20 03:56:45	Name: _gid Value: GA1.3.1475881461.1655719255
.6sc.co/	1970-01-20 21:26:31	Name: 6suuid Value: cfd5ce17809100005745b062df0100006e8bae01
blog.gigamon.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cq44tjfctgqrr71vdc090mf2oc
.gigamon.com/	1969-12-31 23:59:59	Name: _sp_ses.4bc7 Value: *
.gigamon.com/	1970-01-20 21:26:31	Name: _sp_id.4bc7 Value: 614a2f3f-4acf-4d06-9161-561b47b13eab.1655719256.1.1655719256.1655719256.eba18afd-0edb-46c8-b791-ed9754203b11
.everesttech.net/	1970-01-20 12:40:55	Name: everest_g_v2 Value: g_surferid~YrBFVwAAAFesJANe
.gigamon.com/	1970-01-20 21:26:31	Name: _ga_8TBBTSEV1P Value: GS1.1.1655719255.1.0.1655719255.0
.linkedin.com/	1970-01-20 04:38:31	Name: UserMatchHistory Value: AQK4sR3otdmVLQAAAYGAjt6TXZJy9yutKcXysmFBr0LEfje3unJGb_AlNBNMh603KNIL5OnEGKzAxw
.linkedin.com/	1970-01-20 04:38:31	Name: AnalyticsSyncHistory Value: AQJgipkFl6ZMigAAAYGAjt6TbXB-InB9HjhTwu7P-j2g30JQfr8Dagf5IMUuQVXRuwS7DT8e7-LxELfUq5xPfg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:27:13	Name: bcookie Value: "v=2&5a3d0826-1f5b-42ed-849a-9c70d804d82a"
.linkedin.com/	1970-01-20 03:56:45	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=2906:u=1:x=1:i=1655719255:t=1655805655:v=2:sig=AQGF4IR60w1DFPWmofes-XLpUjejt3o4"
.gigamon.com/	1970-01-20 21:26:31	Name: _ga Value: GA1.2.56360436.1655719255
.gigamon.com/	1970-01-20 03:56:45	Name: _gid Value: GA1.2.1475881461.1655719255
.gigamon.com/	1970-01-20 03:55:19	Name: _gat Value: 1
.gigamon.com/	1970-01-20 06:04:55	Name: _fbp Value: fb.1.1655719255887.500267009
.dpm.demdex.net/	1970-01-20 08:14:31	Name: dpm Value: 87136677559445283780447548100031058619
.gigamon.com/	1970-01-20 04:38:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jun+20+2022+10%3A00%3A55+GMT%2B0000+(GMT)&version=6.34.0&isIABGlobal=false&hosts=&consentId=bd237162-c9bf-4b55-a8fa-9c1523ed5a1d&interactionCount=0&landingPath=https%3A%2F%2Fblog.gigamon.com%2F2021%2F05%2F17%2Ftracking-darkside-and-ransomware-the-network-view%2F%3Futm_source%3Dbdr-email%26d_utk%3D002a7ff3-e56d-4d58-a6be-89a4db005b12&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0
.gigamon.com/	1970-01-20 21:27:57	Name: AMCV_39F6555A58A470C30A495EF7%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19164%7CMCMID%7C86714306726289836710471809548733381686%7CMCAAMLH-1656324055%7C6%7CMCAAMB-1656324055%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1655726455s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19171%7CvVersion%7C5.2.0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:27:13	Name: bscookie Value: "v=1&20220620100055268fe8df-e1c4-4e05-8576-7b77b1d47c83AQElsUGebRTEOPhsvbwgh-WB6eTUvlYa"
.linkedin.com/	1970-01-20 21:16:53	Name: li_gc Value: MTswOzE2NTU3MTkyNTU7MjswMjELoi6TmbEy1xWeil/BgaSllqaLR8HvEp3c25UppGX/DA==
.gigamon.com/	1970-01-20 03:55:21	Name: gpv Value: Tracking%20DarkSide%20and%20Ransomware%3A%20The%20Network%20View%20-%20Gigamon%20Blog
.gigamon.com/	1969-12-31 23:59:59	Name: s_campaign Value: bdr-email%7C%7C%7C%7C
.gigamon.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.gigamon.com/	1970-01-20 12:40:55	Name: _hjSessionUser_2625414 Value: eyJpZCI6Ijc0MzY3YzM5LTgzMjEtNTNmYS05MjAyLTRmNDkwZDY3OWY1NiIsImNyZWF0ZWQiOjE2NTU3MTkyNTYwNTYsImV4aXN0aW5nIjpmYWxzZX0=
.gigamon.com/	1970-01-20 03:55:21	Name: _hjFirstSeen Value: 1
blog.gigamon.com/	1970-01-20 03:55:19	Name: _hjIncludedInSessionSample Value: 0
.gigamon.com/	1970-01-20 03:55:21	Name: _hjSession_2625414 Value: eyJpZCI6IjJiMjk0ZTFmLTlmM2ItNGE1NS04NDc3LWMzZTMxMGQxNjAwOSIsImNyZWF0ZWQiOjE2NTU3MTkyNTYwNjgsImluU2FtcGxlIjpmYWxzZX0=
blog.gigamon.com/	1970-01-20 03:55:19	Name: _hjIncludedInPageviewSample Value: 1
.gigamon.com/	1970-01-20 03:55:21	Name: _hjAbsoluteSessionInProgress Value: 1
.gigamon.com/	1970-01-20 21:26:31	Name: _mkto_trk Value: id:892-WER-078&token:_mch-gigamon.com-1655719256077-61630
www.gigamon.com/	1970-01-20 04:05:24	Name: AWSALB Value: R6MHQP9M5lxS34Ghs59+33Mmpt/pVZj07e79lWeYFyeNR/x4IsmK8+neq9sDRc7wv8Usu4QxnWqiKbbgXyJtsBjwMmMLV/1CWDWLPYbtttqgAyMD05Uk8P9C3Rla
www.gigamon.com/	1970-01-20 04:05:24	Name: AWSALBCORS Value: R6MHQP9M5lxS34Ghs59+33Mmpt/pVZj07e79lWeYFyeNR/x4IsmK8+neq9sDRc7wv8Usu4QxnWqiKbbgXyJtsBjwMmMLV/1CWDWLPYbtttqgAyMD05Uk8P9C3Rla
.facebook.com/	1970-01-20 06:04:55	Name: fr Value: 0WiWjqGgGQ4Zmu9ru..BisEVY...1.0.BisEVY.
.bing.com/	1970-01-20 13:16:55	Name: MUID Value: 34A5E669DD1C61D01340F7A0DCCE60DC
.gigamon.com/	1970-01-20 03:56:45	Name: _uetsid Value: e09f42c0f07f11ecaa73d1d471ee1243
.gigamon.com/	1970-01-20 13:16:55	Name: _uetvid Value: e09f5020f07f11ecbfb20f5496460b42
.bidr.io/	1970-01-20 13:23:52	Name: bito Value: AAdx_E7FYIsAABUBgMeHsg
.bidr.io/	1970-01-20 13:23:52	Name: bitoIsSecure Value: ok
.company-target.com/	1970-01-20 21:26:31	Name: tuuid Value: 619a4970-3e18-4f36-8940-1bbd8ff5b312
.company-target.com/	1970-01-20 21:26:31	Name: tuuid_lu Value: 1655719256
blog.gigamon.com/	1970-01-20 04:05:24	Name: slireg Value: https://scout.us2.salesloft.com
www.clarity.ms/	1970-01-20 12:40:55	Name: CLID Value: 8cf606edccb242589c3376cd34433a29.20220620.20230620
.layerfive.com/	1970-01-20 12:40:55	Name: l5_sp Value: 62635915-7ed6-4323-8528-259b64a0949f
.blog.gigamon.com/	1970-01-20 03:55:19	Name: _gat_35b96cb80b3e89e85eb544aa4736c289 Value: 1
blog.gigamon.com/	1970-01-20 12:40:55	Name: sliguid Value: 92d596b9-7f22-4265-a668-841d0cbb16b9
blog.gigamon.com/	1970-01-20 12:40:55	Name: slirequested Value: true
.gigamon.com/	1970-01-20 12:40:55	Name: _clck Value: 11qqq5k\|1\|f2h\|0
blog.gigamon.com/	1970-01-20 03:55:21	Name: drift_campaign_refresh Value: b47b7fd9-349c-41f6-aa30-1c429ad2a9e0
.gigamon.com/	1970-01-23 19:31:19	Name: _hly_vid Value: 0ab5d081-7be0-4d6e-a592-256a0562d13f
blog.gigamon.com/	1970-01-20 04:05:24	Name: _an_uid Value: 0
blog.gigamon.com/	1970-01-20 21:26:31	Name: _gd_visitor Value: 6ccf582a-47ec-4206-89c5-1ed7f9d87a40
blog.gigamon.com/	1970-01-20 03:55:33	Name: _gd_session Value: 4ad6505b-9821-492b-8bc1-1ad292d0bfa0
blog.gigamon.com/	1970-01-20 21:26:31	Name: _gd_svisitor Value: cfd5ce17809100005745b062df0100006e8bae01
blog.gigamon.com/	1969-12-31 23:59:59	Name: _hly_sid Value: 14ee7e1c-7b6f-410a-a8d6-54d34935a2cf
.c.bing.com/	1970-01-20 13:16:55	Name: SRM_B Value: 34A5E669DD1C61D01340F7A0DCCE60DC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:16:55	Name: MUID Value: 34A5E669DD1C61D01340F7A0DCCE60DC
.c.clarity.ms/	1970-01-20 03:55:19	Name: ANONCHK Value: 0
.gigamon.com/	1970-01-20 21:29:24	Name: mbox Value: session#ec77b821d57740579eed5ed804722232#1655721115\|PC#ec77b821d57740579eed5ed804722232.37_0#1718964057
.gigamon.com/	1970-01-20 03:56:45	Name: _clsk Value: 1alx16n\|1655719257062\|1\|1\|f.clarity.ms/collect
app.hushly.com/	1970-01-20 04:05:24	Name: AWSALBCORS Value: ZZeL4TU3BhwTSQATCDCPooPo4N26CPc54xb5SycUv45oOuQmAED9rkh1cLVNBHXyfQDHo7zKFaX1zs/lj2lo/nIFJycA8eMs0TK3nepsuS2egS7T+tsyR/Jk3kev

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.cookielaw.org/scripttemplates/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.cookielaw.org/scripttemplates/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.adsrvr.org/up_loader.1.1.0.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://tracking.leadlander.com/lt-v2.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

892-wer-078.mktoresp.com
api.company-target.com
app.hushly.com
app.salesloft.com
assets.adobedtm.com
b.6sc.co
bat.bing.com
blog.gigamon.com
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cm.everesttech.net
connect.facebook.net
cookies-data.onetrust.io
d2ft3xf0i1jq1c.cloudfront.net
dpm.demdex.net
epsilon.6sense.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
ga.clearbit.com
geolocation.onetrust.com
gigamon.demdex.net
gigamon.sc.omtrdc.net
gigamon.tt.omtrdc.net
id.layerfive.com
id.rlcdn.com
in.hotjar.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
match.prod.bidr.io
maxcdn.bootstrapcdn.com
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
reveal.clearbit.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
secure.adnxs.com
segments.company-target.com
sl01.gigamon.com
snap.licdn.com
static.addtoany.com
static.hotjar.com
stats.g.doubleclick.net
tag.demandbase.com
tracking.leadlander.com
vars.hotjar.com
vc.hotjar.io
www.clarity.ms
www.facebook.com
www.gigamon.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
108.138.15.119
108.138.17.46
108.138.17.83
13.107.42.14
13.36.218.177
18.169.199.35
18.66.112.19
18.66.139.102
18.66.139.117
18.66.139.99
18.66.97.57
192.28.144.124
20.234.93.27
20.84.22.197
20.94.232.253
2001:4860:4802:32::36
23.111.9.64
23.205.237.4
2600:9000:2491:b000:5:5a7c:e400:93a1
2606:4700:10::6814:b844
2606:4700:10::6816:46c5
2606:4700:4400::ac40:9b40
2606:4700::6810:9440
2606:4700::6812:acf
2620:1ec:21::14
2620:1ec:27::cafe:1746
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9a
2a00:1450:400e:80f::2004
2a00:1450:400e:80f::200a
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:591::1e80
2a02:26f0:6c00:296::1c91
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.14.2
3.18.162.240
34.193.113.164
34.250.43.187
34.252.147.157
35.244.174.68
35.81.118.86
37.252.173.38
52.212.242.20
52.222.214.93
52.223.40.198
52.31.67.18
52.50.170.21
52.58.51.104
54.147.21.139
54.148.139.70
54.210.20.153
54.211.142.161
54.74.116.255
54.85.73.22
96.16.137.162
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0330acb1c867714838b204d8df4cadf4d1faa30285fc047d8fb258c5e71cc250
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05c3e6ab5a2570eee92443a74d3959606f0cfff3f003e8676fc39bde55f709de
065f804ec42d116cce1997d3c08e536f682ac1685d6de6ab43b8cbd6cf94dcd8
083b0832515f53148d9ef152e470ed36d71ce10c43f4e1be3070b354eb0e08cc
08b71676cab1511c70dfd06d4d02bd7479ae6dd57380ba8fe30684d08711665f
093c5fc8801303cec13a29b0c0336ebac08424f9eb285f0bfd49cd3208efd968
0a3a8087a0937a2b6798e19d510d9769893a825753ac78bedb65e47d679b31a2
0e418b814ca71ed5a1519dec2a128e242fda6e41b5b5bf0d0e87c88dcd0c63dc
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fc2ba363025beddd6891257637b38f8acdb74f87ab426c25c7fdeee393f0c7
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
163b12031c5a3803d6791044c42f5bcc01675ec6a746e709eebc5b54c6214992
180dc092ac5450f477719b623c2e46ec229fe6741bc241403828d506329587f7
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
25db7fc5b7bc34f20b5fb5b550cdd53e5499d0d360e3c76f7954f11d9b95e5a9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d1db6323f1a318464d5da05930d4bf5fa4b83c3f56668724db74e852fb245f2
300021deaa8115b341eeb1f237e192726651c84f00f49468c71d1262d1cd8881
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3325158bfffc5ad9f3236ba45c981e92cae9d83b6e135819aeb9130be73f1ca3
34bdaa2f3129b41801dd8d081e70bbc878e14f4381708caa7378a2cb555a3a21
396c8ddd0313efc5fa48b81cf0a6cfeea05e3e62da4859c807ff98bb71634237
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3dca05421db1a4f3c0518f74af0e01b2e8092fc76f735e1fc65b85686f12008d
3fb630c114a56f644c46a0590f839981140e41283316fc54391dcf999fac3ac9
4303e6bd813d907078a56b9e42c455f5c9c0dc3b7dbfee0c06ee5b1a242d942a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4b16ef712f5637c1e1cb635c0a1f4ed8164c42ec6d40781c4c293e57bb819881
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c88179c16659e0da35d9cac18a633b3456b8031f699eb262ac7caee141409bc
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91
549447d49d2c07668dd36c059802573c7cd2d867d401246bba09eeb125b7378f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
5ba1c362ee0416d18e8737b399eb671ffad3326c66f2bed46277659238f3c8c3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229
5c76e18433f0e08ea398573b3c73c094a787440c91c5dc3a5133c93fb2f7201b
5d1614a80108efba5244fa069b1df188c819b37b62809654ba379f68559f2dfc
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
653623f60084fd90a4b77c27ef32e61b8c2bd9d79c0a89862fab02050acb45cd
65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94
66050fc997aede5fc99786dcf7cd5707faa0ba90eb9fed31b64cc2ee3c52d610
6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68b4b6fc343811ef9268a786ba1a6d45532277051d2db7804896df2b58a9b429
69f17557e054f28f03eb92e3388e972e13c99224549cb9088bbb38336499482f
6a1221f4215707c1dccd6a0b68f95210ddda3c42e3c613e633e69f33cf2b5095
6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6c96f281c608a304b6424aa52261b114c36226f78062446f6ac513c751938c5a
6eaa27ccc7461522c8457c065c8645ea08b62f67789e5867e20b073e5531a314
701d838c52ce1bebf032d7e5f48f0bffb81f1991b6b8446a7cd46b12c761b76a
727ab1a34e2bdc5419c1244497484c344755657d4d218f76339f5cfe88c68a3e
72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
74d2d77d9c416a257559608f10f298a0e32fc8180cac67dd596d5e14d2f4f3b0
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
7738674678ed4ccfbd2cf59fce20ef460374a267a115755177ee00f3912d49a4
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
7a33c3961295b7b40a3fba1b2a9ddd5431ad0578292cb6363078c48eee84d260
7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ce39788e0d5748b7aae96377e74954f63bad1a7468b3db5505bf0937b85e288
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
884974b9e7eb0dae98b937218dc1cf34824de48106b0e1c2051c28d012e66743
88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8bbcee206b32c385c31c893d46d3252ea5b88bbc13c4acf7adb4184d571104bf
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
9540158da66c236639d9e8e783cf4caa8b172094f1f3410ecfe8ea6a1146d996
9591e432631631d59610fb5be9e0dfbc88dc5016da6c15d05661d60e32e36da6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3b968f9e4a689e5e201c76fbac4aa938a81bfd4efae20b3eb12b22f47947576
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
ae960ac9e3e93430d614027a7388c692d5374d914c60f1db80efc6a6fc36a665
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
b07d46063eb26b4665aba201fb16d0377b00cbfadd541c0274c5333f340ec477
b17f7e4ceb718f74753d75cf5489f853d201a91559c0958f07fbd8a557972478
b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
ba276950627b9533a533197b10f92e6675ff9ba0f9a43fae92715183ab2deb0c
c1b1fa0d1bd18fded151783314b2ff0e0e331d0b834a802b556de1188b0190c5
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c40fececba16222c9966bb1cd461f167083f00b56902f37674df56738581c0c1
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c79476a033a0b0cab3dffb04460ab3d1ad291ca1f8811265e2489fbab3b1b50b
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
d00c7f38c7dceaf454fadd16d59fd550808cbea824993d87a6407ba16e28cf1d
d1aabe1212b2f9cb8f6a547454bd4e5f4773485e3e001b327e501ba3e0e77cc7
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d7192cbdf920d1507d2c01a6de21033c443615a7bce93a628c3ea59b62475e99
d785c60ec544292beae331726c9dcaf35475e1002ae85820b9e33737e7a01d63
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de89cbbd14daf219a675ae9dfbaec585ad4406a58878a1afd50fa9639ca6cb0d
e08d3b01f0f250bb8618a14e1bacc5a5ff12ead175f372a8286f1990c1b9921e
e1736d07e12e0d9ffd919b0c839ac70e535ac986640cbe8536b91d4c6fbcb621
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e547fe50a764e43c4a31eee65d715869f35c7ad8d781584453561b87c4fcf7f3
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
e899e2caae4ad860dcd75b23f54757f28edc17668106fd5c01a29cc6649146ef
e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ecb4cf1400337bb3e1f8d6e9c312534a7e4a786832b909799c1d26373371861e
ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee89d95117140f3beccf075a232f1ad550f3ba1b4140558da8d24c68bffd35df
eeb13fabaa09bbfe590dc746c4fd65d426739d872eca723db51879a1ba86ac40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f5aca4287b01a75b27ddd18dc06a8090a94f274f8bd8e4180036671982f5d93b
f6057aff4b7013d7d1449abf35f70fccf4223aa063cb37aa6ee0f3f5ea29d014
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

blog.gigamon.com Open in urlscan Pro 20.94.232.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

98 %HTTPS

38 %IPv6

44 Domains

66 Subdomains

57 IPs

6 Countries

3276 kBTransfer

8055 kBSize

67 Cookies

156 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.gigamon.com Open in urlscan Pro
20.94.232.253 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

98 %
HTTPS

38 %
IPv6

44
Domains

66
Subdomains

57
IPs

6
Countries

3276 kB
Transfer

8055 kB
Size

67
Cookies

203 HTTP transactions
2 data transactions