Submitted URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Effective URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_conte...
Submission: On November 16 via api from US — Scanned from DE

Summary

This website contacted 39 IPs in 7 countries across 33 domains to perform 151 HTTP transactions. The main IP is 104.17.70.206, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is go.gigamon.com. The Cisco Umbrella rank of the primary domain is 331007.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2022. Valid for: a year.
This is the only time go.gigamon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.184.251.130 8075 (MICROSOFT...)
9 104.17.70.206 13335 (CLOUDFLAR...)
6 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.205.237.4 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 34.242.111.67 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 108.138.15.119 16509 (AMAZON-02)
2 52.222.214.52 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 192.28.144.124 15224 (OMNITURE)
1 5 18.135.18.21 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
8 96.16.137.162 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.155.40.229 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 34.249.11.23 16509 (AMAZON-02)
1 63.32.162.101 16509 (AMAZON-02)
1 104.16.93.80 13335 (CLOUDFLAR...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.171.23.207 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.160.109.99 14618 (AMAZON-AES)
1 185.89.210.46 29990 (ASN-APPNEX)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 52.223.40.198 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
64 18.66.112.39 ()
2 52.58.186.52 16509 (AMAZON-02)
2 3.18.161.20 16509 (AMAZON-02)
4 50.16.7.188 14618 (AMAZON-AES)
151 39
Apex Domain
Subdomains
Transfer
64 driftt.com
js.driftt.com — Cisco Umbrella Rank: 4896
741 KB
9 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6507
c.6sc.co — Cisco Umbrella Rank: 9776
ipv6.6sc.co — Cisco Umbrella Rank: 6923
b.6sc.co — Cisco Umbrella Rank: 4655
13 KB
9 gigamon.com
go.gigamon.com — Cisco Umbrella Rank: 331007
www.gigamon.com Failed
127 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
131 KB
6 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 492
143 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 2536
21 KB
4 drift.com
bootstrap.api.drift.com — Cisco Umbrella Rank: 5813
metrics.api.drift.com — Cisco Umbrella Rank: 5441
357 B
4 clearbitjs.com
x.clearbitjs.com — Cisco Umbrella Rank: 13330
46 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 576
px4.ads.linkedin.com — Cisco Umbrella Rank: 6256
4 KB
3 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 11519
scout.salesloft.com — Cisco Umbrella Rank: 13564
4 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
12 KB
3 omtrdc.net
gigamon.sc.omtrdc.net
gigamon.tt.omtrdc.net
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
gigamon.demdex.net
5 KB
2 layerfive.com
id.layerfive.com — Cisco Umbrella Rank: 364105
339 B
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 10781
463 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5922
608 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
511 B
2 clearbit.com
ga.clearbit.com — Cisco Umbrella Rank: 47600
app.clearbit.com — Cisco Umbrella Rank: 13823
3 KB
2 onetrust.io
cookies-data.onetrust.io — Cisco Umbrella Rank: 9799
85 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409
367 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1393
insight.adsrvr.org — Cisco Umbrella Rank: 573
3 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3076
7 KB
1 cloudfront.net
d2ft3xf0i1jq1c.cloudfront.net
78 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
75 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 426
702 B
1 marketo.com
app-abm.marketo.com — Cisco Umbrella Rank: 296555
160 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1007
517 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 690
303 B
1 mktoresp.com
892-wer-078.mktoresp.com
318 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 716
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
27 KB
1 mkto-m0027.com
mkto-m0027.com — Cisco Umbrella Rank: 359087
1 KB
151 33
Domain Requested by
64 js.driftt.com mkto-m0027.com
js.driftt.com
9 go.gigamon.com mkto-m0027.com
go.gigamon.com
8 cdn.cookielaw.org assets.adobedtm.com
cdn.cookielaw.org
go.gigamon.com
6 b.6sc.co
6 assets.adobedtm.com go.gigamon.com
assets.adobedtm.com
4 x.clearbitjs.com 1 redirects go.gigamon.com
x.clearbitjs.com
4 www.google-analytics.com assets.adobedtm.com
www.google-analytics.com
go.gigamon.com
3 bat.bing.com assets.adobedtm.com
bat.bing.com
go.gigamon.com
2 metrics.api.drift.com js.driftt.com
2 bootstrap.api.drift.com js.driftt.com
2 id.layerfive.com d2ft3xf0i1jq1c.cloudfront.net
2 epsilon.6sense.com j.6sc.co
2 scout.salesloft.com scout-cdn.salesloft.com
2 www.google.de go.gigamon.com
2 www.google.com go.gigamon.com
2 stats.g.doubleclick.net www.google-analytics.com
2 gigamon.sc.omtrdc.net assets.adobedtm.com
go.gigamon.com
2 cookies-data.onetrust.io cdn.cookielaw.org
2 px.ads.linkedin.com 2 redirects
2 cdn.linkedin.oribi.io snap.licdn.com
2 dpm.demdex.net assets.adobedtm.com
go.gigamon.com
2 munchkin.marketo.net go.gigamon.com
munchkin.marketo.net
1 d2ft3xf0i1jq1c.cloudfront.net mkto-m0027.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com assets.adobedtm.com
1 insight.adsrvr.org js.adsrvr.org
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 secure.adnxs.com j.6sc.co
1 scout-cdn.salesloft.com mkto-m0027.com
1 app.clearbit.com x.clearbitjs.com
1 ga.clearbit.com assets.adobedtm.com
1 app-abm.marketo.com assets.adobedtm.com
1 gigamon.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 gigamon.demdex.net assets.adobedtm.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 j.6sc.co mkto-m0027.com
1 892-wer-078.mktoresp.com munchkin.marketo.net
1 px4.ads.linkedin.com go.gigamon.com
1 www.linkedin.com 1 redirects
1 js.adsrvr.org assets.adobedtm.com
1 snap.licdn.com assets.adobedtm.com
1 cdnjs.cloudflare.com go.gigamon.com
1 mkto-m0027.com
0 www.gigamon.com Failed go.gigamon.com
151 46

This site contains links to these domains.

Domain
www.gigamon.com
www.onetrust.com
Subject | Issuer | Validity | Valid
go.gigamon.com | Cloudflare Inc ECC CA-3 | 2022-04-03 - 2023-04-03 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.marketo.net | DigiCert SHA2 Secure Server CA | 2022-02-06 - 2023-02-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
linkedin.oribi.io | Amazon | 2022-07-07 - 2023-08-06 | a year
*.mktoresp.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-05 - 2023-11-05 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year
*.6sc.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-08 - 2023-03-11 | a year
onetrust.io | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year
*.sc.omtrdc.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-17 - 2023-03-07 | a year
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-01 - 2023-09-01 | a year
app-abm.marketo.com | Cloudflare Inc ECC CA-3 | 2022-05-10 - 2023-05-10 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2022-09-03 - 2023-03-03 | 6 months
clearbitjs.com | Amazon RSA 2048 M02 | 2022-10-18 - 2023-11-16 | a year
clearbit.com | Amazon RSA 2048 M01 | 2022-10-18 - 2023-11-16 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
salesloft.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-16 - 2023-04-14 | a year
www.google.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
www.google.de | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
drift.com | Amazon | 2022-08-24 - 2023-09-21 | a year
*.6sense.com | Amazon | 2022-05-31 - 2023-06-29 | a year
id.layerfive.com | Amazon | 2022-04-13 - 2023-05-12 | a year

This page contains 5 frames:

Primary Page: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Frame ID: AB73CA7DEE80AFDA544F70083206F075
Requests: 79 HTTP requests in this frame

Frame: https://gigamon.demdex.net/dest5.html?d_nsid=0
Frame ID: 292AA690BBF7BDC7E31DE4F73533DFE0
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=saipq4q&ref=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&upid=y0gkr84&upv=1.1.0
Frame ID: 43FBC442898780BF9824C1142B4C1752
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Frame ID: 373D521E3419BC9B908F8A8593672FD8
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Frame ID: 6FDDF61D5EA143924A0C73B6E062198C
Requests: 33 HTTP requests in this frame

Page Title

GigamonBack ButtonSearch IconFilter Icon

Page URL History

  1. http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshM... Page URL
  2. https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=R... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 151
HTTPS: 97 %
IPv6: 43 %
Domains: 33
Subdomains: 46
IPs: 39
Countries: 7
Transfer: 1607 kB
Size: 5263 kB
Cookies: 48

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8= Page URL
  2. https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3961252%26time%3D1668582450106%26url%3Dhttps%253A%252F%252Fgo.gigamon.com%252Fpreference-center.html%253Futm_source%253DRansomware%2526utm_medium%253Demail%2526utm_campaign%253DRansomware4%2526utm_content%253DNurture%2526utm_term%253DRansomware%2526mkt_tok%253DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&liSync=true&e_ipv6=AQJVN6vxjMH1igAAAYR_Q6V6uU7ogW5ApQYdUzcjoXh8tL3FH7GJJp4kIZcBUwTtf7DG2-IZ_ONeNrwgY9GSer3i5WEh
Request Chain 22
  • https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/clearbit.js HTTP 302
  • https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
Request Chain 32
  • https://cm.everesttech.net/cm/dd?d_uuid=23510174351166213842878091043376771181 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3SMMgAAANOIMgNe

151 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
mkto-m0027.com/
643 B
1 KB
Document
General
Full URL
http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
HTTP/1.1
Server
52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
adobe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-6ODXKNV3uUw9UCKTIY1XAe0MtEu3jxmjtCJ+/F1QabU=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
content-length
643
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-6ODXKNV3uUw9UCKTIY1XAe0MtEu3jxmjtCJ+/F1QabU=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 07:07:28 GMT
referrer-policy
strict-origin
server
adobe
x-frame-options
SAMEORIGIN
x-request-id
c26f642489f6eca8
Primary Request preference-center.html
go.gigamon.com/
26 KB
6 KB
Document
General
Full URL
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Requested by
Host: mkto-m0027.com
URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c323860847a853c9437353fb988fa593660da729dfb06b884aa2802ae2938d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mkto-m0027.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76ae63cfb9629031-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 07:07:29 GMT
p3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server
cloudflare
vary
*,Accept-Encoding
x-asset-type
LP
x-cache-status
BYPASS
x-content-type-options
nosniff
x-mkto-nginx-cache
false
launch-998be3cabc13.min.js
assets.adobedtm.com/c82e2088a759/3b64889e0c2d/
484 KB
127 KB
Script
General
Full URL
https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
55a33a65cc19100f3a70d6f60cad5349c9fda8f79a258f278dcadbe71e89288f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:29 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 17:55:42 GMT
server
AkamaiNetStorage
etag
"da0e471a92d0470ca17f098097caa972:1668102942.747537"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
129235
expires
Wed, 16 Nov 2022 08:07:29 GMT
mktLPSupportCompat.css
go.gigamon.com/css/
2 KB
795 B
Stylesheet
General
Full URL
https://go.gigamon.com/css/mktLPSupportCompat.css
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 04 Oct 2022 18:03:55 GMT
server
cloudflare
etag
"4211f8-633-5ea39489038c0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76ae63d5b8909031-FRA
content-length
635
expires
Wed, 16 Nov 2022 11:07:30 GMT
jquery-latest.min.js
go.gigamon.com/js/public/
54 KB
17 KB
Script
General
Full URL
https://go.gigamon.com/js/public/jquery-latest.min.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d548530775a6286f49ba66e0715876b4ec5985966b0291c21568fecfc4178e8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 04 Oct 2022 18:03:48 GMT
server
cloudflare
etag
"160dc2-d9de-5ea3948256900"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76ae63d5b8919031-FRA
content-length
16759
expires
Wed, 16 Nov 2022 11:07:29 GMT
gigamon_newlogo.jpg
go.gigamon.com/rs/892-WER-078/images/
28 KB
29 KB
Image
General
Full URL
https://go.gigamon.com/rs/892-WER-078/images/gigamon_newlogo.jpg
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7dd16da2d4727332db75007a79260b72c21effd1181c751cbc8eb31efaaaad3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 15 Oct 2022 03:14:55 GMT
server
cloudflare
etag
"1e0d4b-7155-5eb0a2588aeec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
76ae63d8cbc89031-FRA
content-length
29013
expires
Wed, 16 Nov 2022 07:08:30 GMT
forms2.min.js
go.gigamon.com/js/forms2/js/
208 KB
69 KB
Script
General
Full URL
https://go.gigamon.com/js/forms2/js/forms2.min.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Oct 2022 18:03:49 GMT
server
cloudflare
etag
"4a1422-33e51-5ea394834ab40"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
76ae63d7ead19031-FRA
expires
Wed, 16 Nov 2022 11:07:30 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
37575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVc8u3WGZDlMuOGCo6n07OdIe1HiLne5HyNMjeb7D4z0h6SeSysOyHPR5qutBGsE6JoOKWzVQC3vJ%2BQQ%2Fdf414yY%2BJm0PDe%2FKtgR4DQTYwgb2yfzv5V4Fwqrmbz25FAoiKs%2FpqpXmqkrgSiUjBNPkvam"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76ae63d8da9e9bb6-FRA
expires
Mon, 06 Nov 2023 07:07:30 GMT
munchkin.js
munchkin.marketo.net//
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net//munchkin.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 07:07:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Sep 2022 01:18:39 GMT
Server
AkamaiNetStorage
ETag
"92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
728
stripmkttok.js
go.gigamon.com/js/
2 KB
785 B
Script
General
Full URL
https://go.gigamon.com/js/stripmkttok.js
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Oct 2022 18:03:50 GMT
server
cloudflare
etag
"4418e0-602-5ea394843ed80"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76ae63d8cbcb9031-FRA
content-length
678
expires
Wed, 16 Nov 2022 11:07:30 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 05:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6696
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 16 Nov 2022 07:15:54 GMT
id
dpm.demdex.net/
366 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=39F6555A58A470C30A495EF7%40AdobeOrg&d_nsid=0&ts=1668582449641
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.111.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-111-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9f9516eb4262e5f79e686c5deceba9706c254826686fba63865bb157d38b6376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v045-0ced04f65.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
lKPdqUc1TNw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://go.gigamon.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Wed, 16 Nov 2022 08:07:30 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Wed, 16 Nov 2022 08:07:30 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
last-modified
Wed, 09 Nov 2022 19:27:04 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=72914
accept-ranges
bytes
content-length
4530
stateCountryPlusAustralia.js
www.gigamon.com/marketo/js/
0
0

up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 01:07:28 GMT
Content-Encoding
gzip
Via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
21603
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
ddOiFusXkonJrPfvlIV6FH7xbfnE55-udJlX0z6XJhGNAxOunqtAQw==
getForm
go.gigamon.com/index.php/form/
9 KB
2 KB
XHR
General
Full URL
https://go.gigamon.com/index.php/form/getForm?munchkinId=892-WER-078&form=5758
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16eb5a1022447d7f6ef5fb1ee0f2a6b78230dd79244fab36ba623bddb7cdd133

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-form-service-request-id
1edc#1847f43a52d
x-marketo-source
Form Service
cf-ray
76ae63d90c0c9031-FRA
cached
false
munchkin.js
munchkin.marketo.net/162/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/162/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 07:07:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 00:59:12 GMT
Server
AkamaiNetStorage
ETag
"75daf56f6191efe42577301908659c29:1656637152.894482"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4677
Expires
Fri, 24 Feb 2023 07:07:30 GMT
token
cdn.linkedin.oribi.io/partner/3961252/domain/go.gigamon.com/ Frame
0
0
Preflight
General
Full URL
https://cdn.linkedin.oribi.io/partner/3961252/domain/go.gigamon.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-52.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://go.gigamon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
77026
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 15 Nov 2022 09:43:44 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-id
b4WJSsv9zLPmd0xIdTkKnDOZt-8WsI8SdvYIuKB92U8M9-zJxN_QuQ==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/3961252/domain/go.gigamon.com/
36 B
367 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/3961252/domain/go.gigamon.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-52.fra56.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
nrydNCf-0uQe9xP0I-_5bp4bAQH3i2wTjEhzHvbbAfPzf8UtKbCOow==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3961252%26time%3D1668582450106%26url%3Dhttps%253A%252F%252Fgo.gigamon.com%252Fpre...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaig...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&liSync=true&e_ipv6=AQJVN6vxjMH1igAAAYR_Q6V6uU7ogW5ApQYdUzcjoXh8tL3FH7GJJp4kIZcBUwTtf7DG2-IZ_ONeNrwgY9GSer3i5WEh
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0EEC696E363447AF8BAE24C029160969 Ref B: FRAEDGE1519 Ref C: 2022-11-16T07:07:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtkSBBRX5t7GyntOT4UA==

Redirect headers

date
Wed, 16 Nov 2022 07:07:30 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BFA5852B172648ABA2CC9D47125C1C29 Ref B: DUS30EDGE0921 Ref C: 2022-11-16T07:07:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3961252&time=1668582450106&url=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&liSync=true&e_ipv6=AQJVN6vxjMH1igAAAYR_Q6V6uU7ogW5ApQYdUzcjoXh8tL3FH7GJJp4kIZcBUwTtf7DG2-IZ_ONeNrwgY9GSer3i5WEh
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtkSA+QFvUfHozhlubdQ==
visitWebPage
892-wer-078.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://892-wer-078.mktoresp.com/webevents/visitWebPage?_mchNc=1668582450109&_mchCn=preference-center&_mchId=892-WER-078&_mchTk=_mch-gigamon.com-1668582450108-30547&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&_mchWs=j1RR&_mchHo=go.gigamon.com&_mchPo=&_mchRu=%2Fpreference-center.html&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fmkto-m0027.com%2F&_mchQp=utm_source%3DRansomware__-__utm_medium%3Demail__-__utm_campaign%3DRansomware4__-__utm_content%3DNurture__-__utm_term%3DRansomware__-__mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 07:07:30 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
58804327-cd63-4ee3-9424-d31666d0582b
tags.js
x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/
Redirect Chain
  • https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/clearbit.js
  • https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
1 KB
598 B
Script
General
Full URL
https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Server
18.135.18.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-18-21.eu-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
3d3d9e602916871f2c3db476df5a39f6ecb8a843894f463f3fbf7f0996cb53b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
envoy
etag
W/"6e6c2e0cfd8a076bd0593c9d4bd2a70c"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600

Redirect headers

location
https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
date
Wed, 16 Nov 2022 07:07:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
server
envoy
content-length
0
content-type
text/html;charset=utf-8
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HNx4bdEmRgn5g09KulPi7w==
age
27905
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 14 Nov 2022 03:33:57 GMT
server
cloudflare
etag
0x8DAC5F10FDD1A08
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19cac252-901e-0118-0b86-f8b326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63d9596c912b-FRA
5fc926c9-20d0-43e4-8b00-fe761c3e5ba6.json
cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d1db6323f1a318464d5da05930d4bf5fa4b83c3f56668724db74e852fb245f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Saw9m4W2WDkKBqLxJNZJYw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1594
x-ms-lease-status
unlocked
last-modified
Sat, 30 Apr 2022 02:00:51 GMT
server
cloudflare
etag
0x8DA2A4D40A37CFC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
af556713-701e-001d-6356-f2010c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63d99ffb9171-FRA
expires
Thu, 17 Nov 2022 07:07:30 GMT
6si.min.js
j.6sc.co/
30 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: mkto-m0027.com
URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aca17711b2bcab8335b7bd9c2880033b2aa69a0e9f33ce2e1a507dbb0f9cade3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Sep 2022 20:55:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63360652-7700"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
9869
expires
Wed, 16 Nov 2022 07:07:30 GMT
domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame
0
0
Preflight
General
Full URL
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
domainid,location,url
Access-Control-Request-Method
GET
Origin
https://go.gigamon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
cf-ray
76ae63d9fc3b925c-FRA
content-length
0
content-type
application/json
date
Wed, 16 Nov 2022 07:07:30 GMT
server
cloudflare
vary
Accept-Encoding
domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/
17 B
85 B
XHR
General
Full URL
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1aabe1212b2f9cb8f6a547454bd4e5f4773485e3e001b327e501ba3e0e77cc7

Request headers

location
cdn.cookielaw.org
Referer
https://go.gigamon.com/
url
go.gigamon.com
accept-language
de-DE,de;q=0.9
domainId
5fc926c9-20d0-43e4-8b00-fe761c3e5ba6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
76ae63da0c53925c-FRA
access-control-allow-headers
Content-Type
content-length
17
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
76ae63d9ff8490ef-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.34.0/
348 KB
83 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ywzctmjVIapkx83Pz3a+AQ==
age
27899
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
84671
x-ms-lease-status
unlocked
last-modified
Tue, 17 May 2022 16:31:35 GMT
server
cloudflare
etag
0x8DA3822B5C4CCF6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d89fe3b5-901e-0071-140d-6aaadf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63da2afc912b-FRA
dest5.html
gigamon.demdex.net/ Frame 292A
7 KB
3 KB
Document
General
Full URL
https://gigamon.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.40.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-40-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.gigamon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
AzFwocfjTOg=
content-encoding
gzip
date
Wed, 16 Nov 2022 07:07:31 GMT
last-modified
Fri, 28 Oct 2022 13:34:31 GMT
vary
accept-encoding
id
gigamon.sc.omtrdc.net/
2 B
266 B
XHR
General
Full URL
https://gigamon.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=39F6555A58A470C30A495EF7%40AdobeOrg&mid=23132438840435754932831425401829973728&ts=1668582450297
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://go.gigamon.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3SMMgAAANOIMgNe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=23510174351166213842878091043376771181
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3SMMgAAANOIMgNe
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3SMMgAAANOIMgNe
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
HTTP/1.1
Server
34.242.111.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-111-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
N5DcgXB8TjA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3SMMgAAANOIMgNe
Date
Wed, 16 Nov 2022 07:07:30 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
gigamon.tt.omtrdc.net/rest/v1/
350 B
716 B
XHR
General
Full URL
https://gigamon.tt.omtrdc.net/rest/v1/delivery?client=gigamon&sessionId=dcf9ece5167b445382d03d5de055ea06&version=2.9.0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.162.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-162-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
212723c7f40b4dc56b275470b49204e8821c92fb800f16c8b0f67532096f9bc7

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://go.gigamon.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
d2eafa1e93df4098e0b665117c60a738
en.json
cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/4d5169dc-5b7b-4e2a-909e-dec0d5f5c7cf/
86 KB
17 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/5fc926c9-20d0-43e4-8b00-fe761c3e5ba6/4d5169dc-5b7b-4e2a-909e-dec0d5f5c7cf/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba1c362ee0416d18e8737b399eb671ffad3326c66f2bed46277659238f3c8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
eX2U3PvNY71A9pbL6n4H6w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17586
x-ms-lease-status
unlocked
last-modified
Sat, 30 Apr 2022 02:00:58 GMT
server
cloudflare
etag
0x8DA2A4D45127023
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2c4ee985-b01e-0104-46d6-f86b31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63da79909171-FRA
expires
Thu, 17 Nov 2022 07:07:30 GMT
forms2.js
app-abm.marketo.com/js/forms2/js/
569 KB
160 KB
Script
General
Full URL
https://app-abm.marketo.com/js/forms2/js/forms2.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd9f04c42bb9a3fffdd869b041ae962cb69c0ceba8a3d51c6fa9df39b0aa83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 04 Oct 2022 18:03:49 GMT
server
cloudflare
age
4438
etag
"32268a-8e45b-5ea394834ab40"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
76ae63dc0d89bbe6-FRA
expires
Wed, 16 Nov 2022 11:07:30 GMT
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 16 Nov 2022 07:07:29 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A53452C3D2442DB84D8723A016B3524 Ref B: FRA31EDGE0709 Ref C: 2022-11-16T07:07:30Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11421
destinations.min.js
x.clearbitjs.com/v2/pk_b132cd96807d0b8a9a93de49949f5dc1/
0
29 B
Script
General
Full URL
https://x.clearbitjs.com/v2/pk_b132cd96807d0b8a9a93de49949f5dc1/destinations.min.js
Requested by
Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/clearbit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.18.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-18-21.eu-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
cache-control
private, max-age=600
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
envoy
content-length
0
content-type
application/javascript;charset=utf-8
tracking.min.js
x.clearbitjs.com/v2/pk_b132cd96807d0b8a9a93de49949f5dc1/
168 KB
45 KB
Script
General
Full URL
https://x.clearbitjs.com/v2/pk_b132cd96807d0b8a9a93de49949f5dc1/tracking.min.js
Requested by
Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_b132cd96807d0b8a9a93de49949f5dc1/clearbit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.18.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-18-21.eu-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
37933e51bb18ac03d9a14d370b2d087569db43700bfa357947c472da8b8c5072
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
otFloatingRounded.json
cdn.cookielaw.org/scripttemplates/6.34.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFloatingRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GnBP1Tj0YWr4Qdbm7JUdUA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2586
x-ms-lease-status
unlocked
last-modified
Tue, 17 May 2022 16:31:25 GMT
server
cloudflare
etag
0x8DA3822AFC3B334
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
63bc47c8-e01e-013e-6656-f22892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63dc1ce89171-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/
53 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NS4/Ql3sVfXAVIyb20II4w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12384
x-ms-lease-status
unlocked
last-modified
Tue, 17 May 2022 16:31:27 GMT
server
cloudflare
etag
0x8DA3822B13BA01A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0f57e843-e01e-009b-522a-f955de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76ae63dc1cec9171-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.34.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
46575
x-ms-lease-status
unlocked
last-modified
Tue, 17 May 2022 16:31:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7895ead7-101e-0102-4556-f29c49000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
76ae63dc1cef9171-FRA
17486718.js
bat.bing.com/p/action/
0
137 B
Script
General
Full URL
https://bat.bing.com/p/action/17486718.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Nov 2022 07:07:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4B0F70076D6A4E6B871D103D3D006C9F Ref B: FRA31EDGE0709 Ref C: 2022-11-16T07:07:30Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
0
bat.bing.com/action/
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17486718&tm=al001&Ver=2&mid=b30ae04a-b84f-4e2d-bb06-24ae9e1bd804&sid=55f914b0657d11ed8e19bf1df6547437&vid=55f903c0657d11edb9595369b87da32e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gigamon&p=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&r=http%3A%2F%2Fmkto-m0027.com%2F&lt=1924&pt=1668582448437,,,,,2,4,138,138,159,145,159,1115,1115,1117,1918,1918,1924,,,&pn=0,0&evt=pageLoad&sv=1&rn=232605
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Nov 2022 07:07:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2734C023F82443A9B92F50F71929A00C Ref B: FRA31EDGE0709 Ref C: 2022-11-16T07:07:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=434619331&t=pageview&_s=1&dl=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&dr=http%3A%2F%2Fmkto-m0027.com%2F&ul=en-us&de=UTF-8&dt=Gigamon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=345334071&gjid=1021468011&cid=1904637925.1668582450&tid=UA-4605772-1&_gid=151989960.1668582450&_r=1&_slc=1&z=746322990
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ga.clearbit.com/v1/
4 KB
1 KB
Script
General
Full URL
https://ga.clearbit.com/v1/ga.js?authorization=pk_b132cd96807d0b8a9a93de49949f5dc1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.171.23.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-23-207.eu-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
8036f5cfb25f40f4ddb0987abf70942179b26883236816ce8b67e9ac7ebcaa98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
envoy
x-api-version
2018-03-28
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-account-id
97bf1490-906f-4f60-970e-379b131b8ec2
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Nov 2022 07:07:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
27904
x-ms-lease-status
unlocked
last-modified
Mon, 14 Nov 2022 03:33:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6c0b8d14-301e-0173-7f8d-f8ee70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
76ae63dcdfdc912b-FRA
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=345334071&gjid=1021468011&_gid=151989960.1668582450&_u=aGDACEAABAAAACAAI~&z=1766820994
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
s88678334505480
gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.4-LCXS/
43 B
201 B
Image
General
Full URL
https://gigamon.sc.omtrdc.net/b/ss/gigaem.esntls/1/JS-2.22.4-LCXS/s88678334505480?AQB=1&ndh=1&pf=1&t=16%2F10%2F2022%207%3A7%3A30%203%200&sdid=3769924BC9AD6FE6-7B0C6FC4C204DF3F&mid=23132438840435754932831425401829973728&aamlh=6&ce=UTF-8&pageName=no%20page%20name%20found&g=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFE&r=http%3A%2F%2Fmkto-m0027.com%2F&cc=USD&ch=no%20site%20section%20found&v0=Ransomware%7Cemail%7CRansomware4%7CNurture%7CRansomware&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=D%3DpageName&v2=D%3Dg&c4=no%20page%20type%20found&v14=%28No%20Reveal%29&v15=%28No%20Reveal%29&v16=%28No%20Reveal%29&v17=%28No%20Reveal%29&v19=%28No%20Reveal%29&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=QS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&mcorgid=39F6555A58A470C30A495EF7%40AdobeOrg&AQE=1
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Nov 2022 07:07:30 GMT
server
jag
etag
3583253527137681408-4619703452805549676
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 15 Nov 2022 07:07:30 GMT
p
app.clearbit.com/v1/
16 B
1 KB
XHR
General
Full URL
https://app.clearbit.com/v1/p
Requested by
Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_b132cd96807d0b8a9a93de49949f5dc1/tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.18.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-18-21.eu-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://go.gigamon.com
content-security-policy-report-only
default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials
true
access-control-allow-headers
Authorization, API-Version, Content-Type
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=434619331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&dr=http%3A%2F%2Fmkto-m0027.com%2F&ul=en-us&de=UTF-8&dt=Gigamon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHDACEADBAAAACAAI~&jid=1852887431&gjid=1472524025&cid=1904637925.1668582450&tid=UA-4605772-1&_gid=151989960.1668582450&_r=1&cd1=isp&z=205499205
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=434619331&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&dr=http%3A%2F%2Fmkto-m0027.com%2F&ul=en-us&de=UTF-8&dt=Gigamon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHDACEADBAAAACAAI~&jid=&gjid=&cid=1904637925.1668582450&tid=UA-4605772-1&_gid=151989960.1668582450&cd1=isp&z=233623667
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 20:27:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38428
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sl.js
scout-cdn.salesloft.com/
6 KB
3 KB
Script
General
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: mkto-m0027.com
URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=0
x-amz-request-id
HZJ761PC0HH3VMMR
age
2618
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
dvVv//zyFmukwIAlsFVWsd4KTkr4e1UY3Sd6wvG7mtSeN1Np5WLlXuCBaBQFZLJc/wePe8E6EbQ=
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
76ae63df983b68fe-FRA
expires
Wed, 16 Nov 2022 11:07:31 GMT
forms2.css
go.gigamon.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://go.gigamon.com/js/forms2/css/forms2.css
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Oct 2022 18:03:49 GMT
server
cloudflare
etag
"4814e9-3437-5ea394834ab40"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76ae63de9a039031-FRA
content-length
2623
expires
Wed, 16 Nov 2022 11:07:31 GMT
forms2-theme-simple.css
go.gigamon.com/js/forms2/css/
826 B
385 B
Stylesheet
General
Full URL
https://go.gigamon.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63113904
last-modified
Tue, 04 Oct 2022 18:03:49 GMT
server
cloudflare
cf-cache-status
MISS
etag
"322684-33a-5ea394834ab40"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76ae63de9a089031-FRA
content-length
242
expires
Wed, 16 Nov 2022 11:07:31 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=1852887431&gjid=1472524025&_gid=151989960.1668582450&_u=aHDACEADBAAAACAAI~&z=831657232
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=345334071&_u=aGDACEAABAAAACAAI~&z=1447303175
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=345334071&_u=aGDACEAABAAAACAAI~&z=1447303175
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
scout.salesloft.com/
41 B
402 B
XHR
General
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDEzNTB9.WMfPsOO7_onkPSjHoloulOWneH55r0TIi2W9PLjZC8c
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.160.109.99 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-109-99.compute-1.amazonaws.com
Software
/
Resource Hash
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.gigamon.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
92a6799897afccec7c448e9e0d2fe0db
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=1852887431&_u=aHDACEADBAAAACAAI~&z=1453541729
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4605772-1&cid=1904637925.1668582450&jid=1852887431&_u=aHDACEADBAAAACAAI~&z=1453541729
Requested by
Host: go.gigamon.com
URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
scout.salesloft.com/
48 B
510 B
XHR
General
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.160.109.99 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-109-99.compute-1.amazonaws.com
Software
/
Resource Hash
63f00b356afb93062d1fc8000e71e7532164a81ddbc6813c855fa15fafdd879f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.gigamon.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
f5d29467a82a7184aabf22e464facd18
getuidj
secure.adnxs.com/
11 B
702 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 07:07:31 GMT
AN-X-Request-Uuid
463630f1-123d-4ee3-9518-8ec036cab720
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://go.gigamon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
201 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://go.gigamon.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
35 B
279 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:381::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c3f84c240cc32dd2fe7b03bce8e48a6bfda07f3433a165e2de1bee7ee39c760a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://go.gigamon.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a02:6ea0:c71b:0:1012:ddb:e0a6:fad0
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
35
expires
Wed, 16 Nov 2022 07:07:31 GMT
RC9e98b75462d942ebb8ca94290788076c-source.min.js
assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/
619 B
645 B
Script
General
Full URL
https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/RC9e98b75462d942ebb8ca94290788076c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
974e4ee04ce0655e4add5e77959713d30c08feab7a5789ba11e0f8ea47ee1f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 17:55:43 GMT
server
AkamaiNetStorage
etag
"506fc657edc037f9cb2b0efd44adf2aa:1668102943.560178"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
381
expires
Wed, 16 Nov 2022 08:07:31 GMT
RC29f41d09594e405c8f49a801e69249af-source.min.js
assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/
1 KB
939 B
Script
General
Full URL
https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/RC29f41d09594e405c8f49a801e69249af-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0ae9e3048c3c35f6075f865069cb5b9edc6770d02cacce6895b71eb677317960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 17:55:43 GMT
server
AkamaiNetStorage
etag
"506fc657edc037f9cb2b0efd44adf2aa:1668102943.560178"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
675
expires
Wed, 16 Nov 2022 08:07:31 GMT
RCc07816b3ccd0443a9dca6fd7d0be5edd-source.min.js
assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/
1 KB
998 B
Script
General
Full URL
https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/39c7bf9bc915/RCc07816b3ccd0443a9dca6fd7d0be5edd-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4f7bed989ad88290842d5b324c8de1945bdca6bece2120386fb9d97e65af99a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 17:55:43 GMT
server
AkamaiNetStorage
etag
"506fc657edc037f9cb2b0efd44adf2aa:1668102943.560178"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://go.gigamon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
734
expires
Wed, 16 Nov 2022 08:07:31 GMT
up
insight.adsrvr.org/track/ Frame 43FB
0
182 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=saipq4q&ref=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&upid=y0gkr84&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.gigamon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Wed, 16 Nov 2022 07:07:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
js
www.googletagmanager.com/gtag/
214 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8TBBTSEV1P
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c82e2088a759/3b64889e0c2d/launch-998be3cabc13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a4b51698f39215303ab9e26b0bbb3f99d514a1965a1a6b9e6006cf6ece216d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76533
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Nov 2022 07:07:31 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=ipv6&q=%7B%22address%22%3A%222a02%3A6ea0%3Ac71b%3A0%3A1012%3Addb%3Ae0a6%3Afad0%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
494 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A30%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
collect
region1.google-analytics.com/g/
0
346 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TBBTSEV1P&gtm=2oeb90&_p=434619331&cid=1904637925.1668582450&ul=en-us&sr=1600x1200&_s=1&sid=1668582451&sct=1&seg=0&dl=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&dr=http%3A%2F%2Fmkto-m0027.com%2F&dt=Gigamon&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TBBTSEV1P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 07:07:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.gigamon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l5m.js
d2ft3xf0i1jq1c.cloudfront.net/
261 KB
78 KB
Script
General
Full URL
https://d2ft3xf0i1jq1c.cloudfront.net/l5m.js
Requested by
Host: mkto-m0027.com
URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8600:5:5a7c:e400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5aca4287b01a75b27ddd18dc06a8090a94f274f8bd8e4180036671982f5d93b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:04 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 22:18:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
28
etag
"b2184ec1151d055fcd8677c11bfda055"
x-amz-meta-sha256
f3efe21d5ba5fdbc20543217352131c74068c8f50331d13dd5fc4a6265689eee
content-type
application/javascript
x-cache
Hit from cloudfront
cache-control
315360000
content-length
79254
x-amz-cf-id
Y7JYd8Cr3RaBRJ_E6HXY3XuCDgPuJzfaZg6lEcI_E1rSFRK63MpNgg==
x-amz-meta-s3b-last-modified
20221010T220436Z
iu3bua46tv44.js
js.driftt.com/include/1668582600000/
211 KB
60 KB
Script
General
Full URL
https://js.driftt.com/include/1668582600000/iu3bua46tv44.js
Requested by
Host: mkto-m0027.com
URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f1709c86b86ce2dd0fd2e8b213ee88a314ff65973d2a30ef61b177af11737c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
x-amz-version-id
TJ2oGWkjC02j1avGRhQbessD.UwbtIaC
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 15 Nov 2022 00:04:31 GMT
server
nginx
etag
W/"c22dd0c661aa0f015202f5665af0db08"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
F4QuN2aM2aHAb-pHfn5FOT10qRHHmNVJTsghizmv82ZNHewaR1OkLQ==
details
epsilon.6sense.com/v3/company/
550 B
463 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.186.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-186-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8de78f8e7df4fb40076aaf25c368594d6872e1ed65e1f4693234f630d9e5f18d

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
Authorization
Token ddf12392dbe4d5adfc648c6b186ba049c40f03c4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://go.gigamon.com
access-control-allow-credentials
true
content-length
279
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.186.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-186-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://go.gigamon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://go.gigamon.com
access-control-max-age
1800
date
Wed, 16 Nov 2022 07:07:31 GMT
server
nginx
tp2
id.layerfive.com/com.snowplowanalytics.snowplow/
2 B
339 B
XHR
General
Full URL
https://id.layerfive.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2ft3xf0i1jq1c.cloudfront.net
URL: https://d2ft3xf0i1jq1c.cloudfront.net/l5m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.161.20 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-161-20.us-east-2.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://go.gigamon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://go.gigamon.com
date
Wed, 16 Nov 2022 07:07:32 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.1.10
content-length
2
content-type
text/plain; charset=UTF-8
tp2
id.layerfive.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://id.layerfive.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.161.20 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-161-20.us-east-2.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.gigamon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://go.gigamon.com
access-control-max-age
5
content-length
0
date
Wed, 16 Nov 2022 07:07:32 GMT
server
akka-http/10.1.10
core
js.driftt.com/ Frame 373D
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1668582600000/iu3bua46tv44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
879367b60f3fc42c89bad26ece25ba576c7d8647162d4deadaff329362b78da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.gigamon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 07:07:32 GMT
etag
W/"ce593bfd8b320eb0dee5c6fd199bafd3"
last-modified
Tue, 15 Nov 2022 00:04:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
RqOL-AoI75LkAY3roK2EKPu18YD68KarMCWulgiDsOI2Wjh4eRfwpA==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-amz-version-id
r0OiJsMh.qIhatCSayp5EoYhJlGyjpps
x-cache
RefreshHit from cloudfront
chat
js.driftt.com/core/ Frame 6FDD
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1668582600000/iu3bua46tv44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
879367b60f3fc42c89bad26ece25ba576c7d8647162d4deadaff329362b78da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.gigamon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 07:07:32 GMT
etag
W/"ce593bfd8b320eb0dee5c6fd199bafd3"
last-modified
Tue, 15 Nov 2022 00:04:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
c6aoIqKskbyNgSI6ISNOwm-Jw5LbTzkdLfAoN5z9IFdmdgy-JpheUg==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-amz-version-id
r0OiJsMh.qIhatCSayp5EoYhJlGyjpps
x-cache
RefreshHit from cloudfront
runtime~main.2b2e8dac.js
js.driftt.com/core/assets/js/ Frame 373D
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a96d215091479e9a19eafd856c668be5497590106d2c46fa893924f07c607676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
ausE8n2J72mwgSinCrtfgSzuoX52Hznr
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:34 GMT
server
nginx
etag
W/"92996efdb701d9ab8c2ce8c6b6caccc6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rZrQDKa02_gfAUeU7fPMdv0zkhvxgDloQnJAHY8CKKGYGkA1LkPOXw==
8.611ead2e.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:59:49 GMT
x-amz-version-id
_RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
13777663
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 Jun 2022 14:58:14 GMT
server
nginx
etag
W/"6aa29962f34a8e117268142c7cc1cc3d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tx5Sj4NuhP_ds70nYKf4-nCh2mItCN0KSuoWk7u8VqIqaod0wQRtFw==
main~493df0b3.d3ac7d8e.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d3ac7d8e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7ad9ef3a4bc35c8e26b515b58bfa16be478746a7716c91b69c5d53222986f959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 16:30:47 GMT
x-amz-version-id
1PMN2YZru9S0WwHo36rIqDOML6PItZQh
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1607805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:23 GMT
server
nginx
etag
W/"f953d4d3bced33e843c6d5f9a6da145f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NwolD8QeR7gs-m08bwl9CHOxu2febVeCJDseLv-_gkhcdClO8LZ7HA==
runtime~main.2b2e8dac.js
js.driftt.com/core/assets/js/ Frame 6FDD
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a96d215091479e9a19eafd856c668be5497590106d2c46fa893924f07c607676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
ausE8n2J72mwgSinCrtfgSzuoX52Hznr
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:34 GMT
server
nginx
etag
W/"92996efdb701d9ab8c2ce8c6b6caccc6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
zcEifVGcOyJhqsPLrSyeNH5pQXeG9k3p8lQp9esOdgaoxW7hv6Tf1w==
8.611ead2e.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:59:49 GMT
x-amz-version-id
_RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
13777663
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 Jun 2022 14:58:14 GMT
server
nginx
etag
W/"6aa29962f34a8e117268142c7cc1cc3d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
kGTHg1-4-FnZoclCB6rcreANGTfbD4SEoJQ2_N4lpglwRNbiDjVEBg==
main~493df0b3.d3ac7d8e.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d3ac7d8e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7ad9ef3a4bc35c8e26b515b58bfa16be478746a7716c91b69c5d53222986f959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 16:30:47 GMT
x-amz-version-id
1PMN2YZru9S0WwHo36rIqDOML6PItZQh
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1607805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:23 GMT
server
nginx
etag
W/"f953d4d3bced33e843c6d5f9a6da145f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
wdoysGF2Wow0Tt2Nsc5ZYYRU68KTuAnvMozqeV8PONnU_VI5PKAUmw==
49.b6336d11.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
tFkawZ7Fd.jveKk2Q_grwX_qW9zyzYsf
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:30 GMT
server
nginx
etag
W/"8004ba5ba9fc99e5c559490658a3863f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
C3QLyXxzPl5BNmNmr7GLhuyDbmBLtoUpUQZvTVyzVb9lJdqCK0IPAA==
33.ae4de0a0.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
HixqumxK82A.kHDuHBPfmn6VAN6aPH4h
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:30 GMT
server
nginx
etag
W/"db0cd5b66c52523e10b87a0c8a2db182"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hlAGhh3YRot7zNV947Z_QWSoIUm_bdvrOkqABKUANLNT_cDq2dEkVg==
23.60057654.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/23.60057654.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
A.jwRfFHKkUyhAxHnaTtscpVGcKmzGah
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:29 GMT
server
nginx
etag
W/"0e963aeeee70e63f5078955e6db860f3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-m9NLdp2xULR1dT-RrB5mIpyUYCFlsjG_VFSNB4Ar67Lp8G5VZeN-w==
18.2ab31195.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
17 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:24:42 GMT
x-amz-version-id
j4jJT.0DNiEfhPFz6.1hx2AtFTUpNBZz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1575770
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:20 GMT
server
nginx
etag
W/"09e4a870348ecb960c5807c49bbf0c16"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
K9cm0j7y-tDo-ZZUP46bTVqFlr1I8U-W6ZshfcFYSfWSN3fWoU728A==
40.5fa801cd.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 00:24:39 GMT
x-amz-version-id
ZGtJfEWa_xLDh.3_Sm0.6L8ahZc2GhtT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1492973
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:21 GMT
server
nginx
etag
W/"e7d37d5ffc01767c10d8677c65ead60b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
grkKNmd4qFWMDeJXioiedX9djRFUI46XvT3imUoPhLxofPuKftaR6g==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:53:35 GMT
x-amz-version-id
DvU1VknvadEMM0li2kjSs2rGEgsC.2zC
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11474037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Jul 2022 20:20:56 GMT
server
nginx
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
c_XsaBSjmneDtKsAkOS-wxgGMSrS6FGAnIW_u7cEUgcTYxxE-FmDww==
25.8f107198.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
59 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.8f107198.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 07:26:46 GMT
x-amz-version-id
eI68DKvvjxiDbX_K1dX4xe2PNV6BS0F2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
12267646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Jun 2022 14:39:27 GMT
server
nginx
etag
W/"e2511c69e5bdc03467952abaccdb5383"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QSx5LvwJZH6lhaB6BiNxP2X8tMzYB59tLkpOHTeqyBy3rABxJzWNOA==
13.3e86f1f6.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 07:26:46 GMT
x-amz-version-id
2rH9Vw5zwyFjPSSMs.YwDeMiE5sBqg4r
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
12267646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Jun 2022 14:39:26 GMT
server
nginx
etag
W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sDxPEn6MNmr6VZO1PwEqymmzRY54xKCY83d1IUPLGu__wamAWAbjAQ==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 01:32:02 GMT
x-amz-version-id
41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5117730
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 16 Sep 2022 16:12:57 GMT
server
nginx
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6Vwi_HnoMJzl6r6NCGU_VBUgTtS8_GIK9HXP4fr4qpirIWxcm_scMg==
16.fde6fa28.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:42:02 GMT
x-amz-version-id
4419YFPoRA1JyzCepHPPe9MgW2odb2j5
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6758729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Aug 2022 21:13:15 GMT
server
nginx
etag
W/"90795af8c950a50300cf801b300db7ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
95g4JOKmie-0Tt2Thc2uXs4Dnp7HiYb72BRYqG6sTrLJWTGtUzShpA==
47.9d4808ed.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 03:29:14 GMT
x-amz-version-id
5.qlQZugXZmIeUzMQ5iuiZuCWncn2USj
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1309098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 31 Oct 2022 16:19:37 GMT
server
nginx
etag
W/"dfc66008c702c40fea0587f735010013"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
84gz8NBzF51Ol-bDlN_z_peojilzfgkWFAcUSjcXvVE0y2bras6VYg==
38.5941b51c.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 02:07:00 GMT
x-amz-version-id
d8TIPZmWDWO9Yh1PxV831Dnon8d0661F
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1054832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 00:27:55 GMT
server
nginx
etag
W/"aa24724b97a516c589a05bc577d15db9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MVMQ-NPG2dWzNoDbqNp51Feb-6w4I65Lvewp_WuElbSIMEbDF_qm9Q==
28.190877b8.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/28.190877b8.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id
XNe27IyH0CuVErKbmWDfSMo019HBMs8f
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1057551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 00:27:54 GMT
server
nginx
etag
W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TBJQ8hptZojVGTTW5WqlG_qhog4zD5hremXVeIe1v8-WY7JlHsFO_w==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 05:08:55 GMT
x-amz-version-id
EYZ7uhLGB_IusLdu9MjAoVbxz3x8SiAp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1735117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Oct 2022 23:22:49 GMT
server
nginx
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
3jk-Lf_V4r0I6MWwv1WxUksp4CLasv0VrwHkm8p__9nki3Yt3tI6RQ==
9.7980313a.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
14 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/9.7980313a.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
146b085fcb240a04c301d265173b47e2794d3fd86c26ccb986ca01095fe8f847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:00:43 GMT
x-amz-version-id
pYz13ynN1RmHsYVNLJx0AFxc0UfReNe_
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4057609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Sep 2022 20:45:23 GMT
server
nginx
etag
W/"97ab5d7bf24ef1c4f1e14801b9a510ed"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QZpKwOnFzBa7BEk4wgsOAMiC32ZAGC5BhDWiN7Ey4XS_RE8O26oUrQ==
9.cc859315.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
78 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.cc859315.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d8bda1b0af6b698fff3f612170c79a39e2fb3ed9c4d5acd8edb34c24b746d4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id
DbHa5NGznlWoo7NhUiJ3GTlZi3VjXZvj
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:21 GMT
server
nginx
etag
W/"eae19071cebafe967627e045c973da82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
jq-aBDGOhM-N5N-uH1455SvhGmeF7i1c6kTrMw5kq4nbPH_58McKSw==
15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
24 B
667 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:35 GMT
x-amz-version-id
4HaliywZLTbWidTr9jxerhwMhVKcNAWE
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
3787497
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24
last-modified
Wed, 08 Jun 2022 17:19:34 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QWoPSaL2VdOnXv-9ZSMd-38nXiIod7oVbh9_1aw7zuPkeL7Qg5zJsw==
15.6bdacb6c.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
82 KB
21 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/15.6bdacb6c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e062929f824821658cccc9ed57ad5fa184d4bd35691565be09d8701530046d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id
4ECyK_L7Yd8JnonguQEgB1Ucy9o2b9KG
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:18 GMT
server
nginx
etag
W/"8c943a6c9d92434fdbe5ee9bfc2d54a5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
t36TaXMVWzKz1u088_SbngPuLzWMGy9wvpyeiXKfenh0QMJ2sDRCIQ==
24.721cb0e2.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
49 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.721cb0e2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9b3b61d4115b7a54323c83d2d497c5466be0909a1e2a4c622a3d35abcdf3856f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
ySWwCx0JAWr7Wl_PQ6L7IyfnwyO51sYy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:32 GMT
server
nginx
etag
W/"a86e306b6edb57764e822dd45f47d3df"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
WBZFCp5p7K2F9tqI0LCVWVlpeTEBfskeF7QLg589GMsyrh0q07iFMg==
17.80feaecc.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
39 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.80feaecc.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
61b285d0e2b54949a3d3ec58d59459431bac7e12b528f8e8de8377f64a2928ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
cCM_h1WNyn5AwdQIdMhIR5fkx9LDVl7j
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:32 GMT
server
nginx
etag
W/"946116ade8bfdb5c1112455ac5df6a98"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
94NZroSdNZNUsyIB2Kn-TysxnTb380a0sqB5MALQhc4J-4oTDRVD0w==
49.b6336d11.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
tFkawZ7Fd.jveKk2Q_grwX_qW9zyzYsf
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:30 GMT
server
nginx
etag
W/"8004ba5ba9fc99e5c559490658a3863f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
oXRQ9-qb-KhpZGToR27Jp2uaML4ZRwfalyb1qNoj5IagnN2c5cc-jQ==
33.ae4de0a0.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
HixqumxK82A.kHDuHBPfmn6VAN6aPH4h
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:30 GMT
server
nginx
etag
W/"db0cd5b66c52523e10b87a0c8a2db182"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-nUwBGykKRDckiQKT84bbUAzCVTrbwQObIPt-0g_QngFwPYGwa9lNQ==
23.60057654.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/23.60057654.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id
A.jwRfFHKkUyhAxHnaTtscpVGcKmzGah
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2822828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 14 Oct 2022 14:29:29 GMT
server
nginx
etag
W/"0e963aeeee70e63f5078955e6db860f3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AXQ8dcvUh6uKudKyxwvjpeX0iDIdllN-yM1J9CzWKc443eZW72Ti0Q==
18.2ab31195.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
17 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 01:24:42 GMT
x-amz-version-id
j4jJT.0DNiEfhPFz6.1hx2AtFTUpNBZz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1575770
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:20 GMT
server
nginx
etag
W/"09e4a870348ecb960c5807c49bbf0c16"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qKt2XgZVflkMbpxdCZUjm1ETwbLFbJqRcQ_DE5IlE7khyxuNzLIzfw==
40.5fa801cd.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 00:24:39 GMT
x-amz-version-id
ZGtJfEWa_xLDh.3_Sm0.6L8ahZc2GhtT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1492973
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:21 GMT
server
nginx
etag
W/"e7d37d5ffc01767c10d8677c65ead60b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Wcbju05NaqE7KxmiY3yF5wXJ_2lT5LWAtFUbwDG7a6BzPY67uqfdeQ==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:53:35 GMT
x-amz-version-id
DvU1VknvadEMM0li2kjSs2rGEgsC.2zC
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11474037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Jul 2022 20:20:56 GMT
server
nginx
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
s18RW134EPF3_tWUqkAi44TpTDcy-jlOiL_Vra9XSBkGTuRCVhkn9A==
25.8f107198.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
59 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.8f107198.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 07:26:46 GMT
x-amz-version-id
eI68DKvvjxiDbX_K1dX4xe2PNV6BS0F2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
12267646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Jun 2022 14:39:27 GMT
server
nginx
etag
W/"e2511c69e5bdc03467952abaccdb5383"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
e7thsUDLsge1vNhJfyh_mGkvh5XSaeF5FSar0HeZ8G6NeLSRElZInw==
13.3e86f1f6.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 07:26:46 GMT
x-amz-version-id
2rH9Vw5zwyFjPSSMs.YwDeMiE5sBqg4r
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
12267646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Jun 2022 14:39:26 GMT
server
nginx
etag
W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
JUHSep0a9mbP8wFUhlLPdPnavleAj_QeqV5uYN1ZryKW3UvHJQbTMA==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 01:32:02 GMT
x-amz-version-id
41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5117730
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 16 Sep 2022 16:12:57 GMT
server
nginx
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
whmqXHy2nEE4IAZVgWwRopJVCbu4AR81AkDoOHWP-8oI3aNgcxuZ8g==
16.fde6fa28.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:42:02 GMT
x-amz-version-id
4419YFPoRA1JyzCepHPPe9MgW2odb2j5
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6758729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Aug 2022 21:13:15 GMT
server
nginx
etag
W/"90795af8c950a50300cf801b300db7ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
r713PtvCeLowl-LmcWjg7kkhc2FYjUHaRxyBe1HpvN5Uysx2XslcBQ==
47.9d4808ed.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 03:29:14 GMT
x-amz-version-id
5.qlQZugXZmIeUzMQ5iuiZuCWncn2USj
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1309098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 31 Oct 2022 16:19:37 GMT
server
nginx
etag
W/"dfc66008c702c40fea0587f735010013"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KNKg3STpasd3FJww9ZC9yesx9naujyUqAALo6AdEsRPP9ywyRZXfLQ==
38.5941b51c.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 02:07:00 GMT
x-amz-version-id
d8TIPZmWDWO9Yh1PxV831Dnon8d0661F
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1054832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 00:27:55 GMT
server
nginx
etag
W/"aa24724b97a516c589a05bc577d15db9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qZHhFPXg2D7OEhtoEhtB9IwLvdlPngZyXIkvhe_NOWUQ7JoPuxHVaQ==
28.190877b8.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/28.190877b8.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id
XNe27IyH0CuVErKbmWDfSMo019HBMs8f
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1057551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 00:27:54 GMT
server
nginx
etag
W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L2_y0oVIPo2FwfchReilrzmb-z1cdH1hqeXKYsd5umybs5CJVB7pgQ==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 05:08:55 GMT
x-amz-version-id
EYZ7uhLGB_IusLdu9MjAoVbxz3x8SiAp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1735117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Oct 2022 23:22:49 GMT
server
nginx
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iIw_MObI8lrXXrMVBpzfJIenKzHdylVsmDMWwN7sR4Q5AgjezIeHKA==
9.7980313a.chunk.css
js.driftt.com/core/assets/css/ Frame 373D
14 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/9.7980313a.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
146b085fcb240a04c301d265173b47e2794d3fd86c26ccb986ca01095fe8f847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 08:00:43 GMT
x-amz-version-id
pYz13ynN1RmHsYVNLJx0AFxc0UfReNe_
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4057609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Sep 2022 20:45:23 GMT
server
nginx
etag
W/"97ab5d7bf24ef1c4f1e14801b9a510ed"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9GB3Lda0Ex0OsOKmdA7oQ9ulylUo6_mHNMULp2Da0G5Jh7XDqYQI9w==
9.cc859315.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
78 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.cc859315.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d8bda1b0af6b698fff3f612170c79a39e2fb3ed9c4d5acd8edb34c24b746d4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id
DbHa5NGznlWoo7NhUiJ3GTlZi3VjXZvj
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:21 GMT
server
nginx
etag
W/"eae19071cebafe967627e045c973da82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GCQMCjRM7V2wn33pbbemYKYg0cOnlfemyJLonH5tb_5NedspWa3jrA==
15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 373D
24 B
667 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:35 GMT
x-amz-version-id
4HaliywZLTbWidTr9jxerhwMhVKcNAWE
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
3787497
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24
last-modified
Wed, 08 Jun 2022 17:19:34 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
eaV9wCEmsL16AXjWktmEXlddnAafXZfUfgugV8YyeD3dsgy8idCFXQ==
15.6bdacb6c.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
82 KB
21 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/15.6bdacb6c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e062929f824821658cccc9ed57ad5fa184d4bd35691565be09d8701530046d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id
4ECyK_L7Yd8JnonguQEgB1Ucy9o2b9KG
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:18 GMT
server
nginx
etag
W/"8c943a6c9d92434fdbe5ee9bfc2d54a5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MaMdPUBPslZvPazrKLIo6bxsY0t5AORygNXL8dPbgUoc5UV_s928EQ==
24.721cb0e2.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
49 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.721cb0e2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9b3b61d4115b7a54323c83d2d497c5466be0909a1e2a4c622a3d35abcdf3856f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
ySWwCx0JAWr7Wl_PQ6L7IyfnwyO51sYy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:32 GMT
server
nginx
etag
W/"a86e306b6edb57764e822dd45f47d3df"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lloySCEUD2BGfDv8g-LEYAcuuNLZ5FOBZTYVn-AS0jekqHfn0_OwXw==
17.80feaecc.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
39 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.80feaecc.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
61b285d0e2b54949a3d3ec58d59459431bac7e12b528f8e8de8377f64a2928ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:04:39 GMT
x-amz-version-id
cCM_h1WNyn5AwdQIdMhIR5fkx9LDVl7j
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
111773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 23:58:32 GMT
server
nginx
etag
W/"946116ade8bfdb5c1112455ac5df6a98"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Mc6Dveci4GovjU01vVHfoDG2Kco7VcO0nc2eC8us3HYSD0BAyz5MSg==
35.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
3 KB
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/35.11d2b6a7.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 01:01:28 GMT
x-amz-version-id
qsoPY7qY.tFlw1iANXIl3P5I7WdRk.n7
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1145164
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 01 Nov 2022 17:39:35 GMT
server
nginx
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
JGRC5ualJcWqHUxXsRKWNmrIF2Cmw2qZNK8sPd07PME0aqgnfD-F8w==
35.438351b2.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
3 KB
2 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.438351b2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 30 Oct 2022 00:39:09 GMT
x-amz-version-id
xVEA6.mBYLNccsk04bE2Abd9MjoHoh38
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1492103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Oct 2022 15:57:21 GMT
server
nginx
etag
W/"6d42b26d199471df6876d34dd3714424"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ZObLmM-ksyUwcQLeaH7hmrOifBayzNMUINb-tfxUX6qpI4hD5u157A==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 00:41:02 GMT
x-amz-version-id
E.Le1HHD6dXp1z9JLSdA8U2RMDD.dyV2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6157590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 01 Sep 2022 13:18:43 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Kly9FWdBA0oOek9H6G4x1X0XQbvsTGgpBaVuj0YslvDq09zrcO0Jqg==
26.2d4cdbd1.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
34 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 09:56:45 GMT
x-amz-version-id
JuVNKY1uQxqC7oXb2J_bVtt2v4y2Pl_2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3186647
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 07 Oct 2022 18:34:45 GMT
server
nginx
etag
W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FnzMVjuxKF-Wk8Glm09WFb2A95z0etzRu6AGUp3e0KUH84ACR7rSrA==
27.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 373D
8 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:42:04 GMT
x-amz-version-id
o6Mn8iWshgmcy2o5f_hocRiRC01jfiMI
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6758728
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Aug 2022 21:13:13 GMT
server
nginx
etag
W/"4f21faf2ba450e5fcdf7eda90813e185"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
B05hYQOYtuOsTxV794GQ6dbsLuq9jMZ7oO2s1UUdXMYsc8dDESMIhw==
27.7659dd6f.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
14 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/27.7659dd6f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
08d58eea55ad5fe4d16a05e54bf4d5a6c7039ded3276585ed2c8d0d6e4e3118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 15:39:10 GMT
x-amz-version-id
K9i7o4s1sMuY5Mge2dc4_5UfBKvGpyZH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1006102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 15:28:39 GMT
server
nginx
etag
W/"d7b61d1b01a22d82018c40d322ce7053"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
yGve8Pj85ptM_bm1Utoeyl95QKQy-OLMTS9wjkLFYdDl55Oy4AQ1fg==
19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 373D
365 B
1007 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/19.c695453b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 03:29:14 GMT
x-amz-version-id
y7iWOn0R1U7aQ4DsTKf7rZV8hg.t2xRd
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
1309098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
365
last-modified
Mon, 31 Oct 2022 16:19:34 GMT
server
nginx
etag
"06b2963b029c0824382815165bfea73e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AYnghVxVe6fYMpYwaHaNzt6Cy_ITfsAfZ5XDwEGcezcRd89C360mwQ==
19.390436cb.chunk.js
js.driftt.com/core/assets/js/ Frame 373D
91 KB
26 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.390436cb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
14b1387a04f18b3807a637d7b856207b0a7188e9fff311474dd2b8ce486a28c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=iu3bua46tv44&eId=iu3bua46tv44&region=US&forceShow=false&skipCampaigns=false&sessionId=3bc62809-426a-4955-b6bb-a35ea8d28f1c&sessionStarted=1668582451.988&campaignRefreshToken=d87bee97-8439-401c-baed-0e0e8e3dbc31&hideController=false&pageLoadStartTime=1668582449552&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:04 GMT
x-amz-version-id
pi85TMGSx5c201S__pgE17eXzrOfbC7T
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:19 GMT
server
nginx
etag
W/"e769e6a1f3a8bd1b184c977ffa6e3e9a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
zvhqYLxKS51L-yBFnci6SIzLzKC3l4UJ0ZRxhGnGnwwhNw2IDyWILg==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 00:41:02 GMT
x-amz-version-id
E.Le1HHD6dXp1z9JLSdA8U2RMDD.dyV2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6157590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 01 Sep 2022 13:18:43 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_4pmr4FkczI3DctsYlTFTfHmDmV5FJlcG8zEZWPEmWn9MbfXGSAs6Q==
3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
7 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:31:03 GMT
x-amz-version-id
xMSMnV9tWwYbYK5vcAWtWMQdbuElelpe
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2500589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Oct 2022 19:19:17 GMT
server
nginx
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Myq-_hvPwMyiiMwtH2yTUZqyfSHX5mg10cjmDuWO8mXRvfeq-vf9SA==
3.f50b964b.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
54 KB
15 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 01:16:23 GMT
x-amz-version-id
k62GB09BT0igkSmfE6Ijm4pRrmboxEaf
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1749069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Oct 2022 23:22:49 GMT
server
nginx
etag
W/"1ac37bf2b93050f29058b66a9ad43e10"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dtw2q5glkTp98sQOjqlPaXaPzhYVGJGr3lkKjQ753FfbMyYUKkIQZA==
1.fbdab3a3.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
43 KB
7 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/1.fbdab3a3.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:43:15 GMT
x-amz-version-id
9uUmxdQgGw3P_n0CkITQMBgU8ZLNWJXU
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
998657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 15:44:30 GMT
server
nginx
etag
W/"6eae9d8917505f7858dc56cf0731728a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
klX385FPyRg-1CfZzmjGmSxdfPmi8E7Er-sRAXfOtrLOsRttkxNQUQ==
1.850e66da.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
73 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/1.850e66da.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
721c262f4a94e7285dc57669e73dfcc1da0b33608e9d4815f4a061ae3dd98754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 15:39:10 GMT
x-amz-version-id
Y3ZhhRYltwWjTI8W3oU7gUPsiebH8sGz
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1006102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 15:28:38 GMT
server
nginx
etag
W/"3598824ae2c8be769415b4f4aeaa0a4a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
VosyJZ3uGTFQkFEh42UEaT2Y-u973A6sCq2vAKHHCTjs6fZAJ9GGTw==
32.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 6FDD
14 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/32.a3318c5e.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 13:41:58 GMT
x-amz-version-id
Tq0yzJUum5RyM1Vf648gx8d4gVPONjH2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4814733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 13:23:51 GMT
server
nginx
etag
W/"b06e02b360914b25e58305b1b9b954dc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TL672wQGUqZ78_k_w2X4XNppik36cId4ABpG5WYO5sFamShDiWqWiw==
32.02c90ef9.chunk.js
js.driftt.com/core/assets/js/ Frame 6FDD
12 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/32.02c90ef9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.2b2e8dac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.39 , United States, ASN (),
Reverse DNS
server-18-66-112-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
968aa77906b12777060a2d8c5794c27a2642ae106bda2363c9a868749d83bc6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1668582449552
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:02:04 GMT
x-amz-version-id
vskaoU6oW1dARdkYPWcbY4P9fXvvzxt_
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 14 Nov 2022 19:29:19 GMT
server
nginx
etag
W/"6e002280f8027b708a93eadf26041ce7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
VMB0-4J5h-4mHk2ih93NlkPdWDzG298_xgJcqnn1VbI5pmiIlXRFyg==
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 373D
147 B
245 B
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d00c7f38c7dceaf454fadd16d59fd550808cbea824993d87a6407ba16e28cf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Nov 2022 07:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
89a87865bac5dfd2
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
147
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame
0
0
Preflight
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 16 Nov 2022 07:07:32 GMT
requestid
drift44fd6114573938b53d1f32dc68d
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
img.gif
b.6sc.co/v1/beacon/
43 B
494 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A30%20GMT%22%2C%22timeSpent%22%3A%222365%22%2C%22totalTimeSpent%22%3A%222365%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:32 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A32%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%223370%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:33 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A33%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224373%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:34 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 373D
25 B
112 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Nov 2022 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
1071cb765293304a
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame
0
0
Preflight
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 16 Nov 2022 07:07:34 GMT
requestid
driftdf3b08140c781e3b9aa45588edc
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4f8940777f901846f0ca8e9c86cb925a&svisitor=null&visitor=880387f9-f05d-40bf-813a-873f6e3df620&session=5aade652-351f-45c7-81d7-3e17f39b1e36&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2016%20Nov%202022%2007%3A07%3A34%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225374%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Gigamon%22%7D&cb=&r=http%3A%2F%2Fmkto-m0027.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware&pageViewId=53cd2058-0197-4b31-87bf-65ba3b21930c&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.gigamon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:07:35 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gigamon.com
URL
http://www.gigamon.com/marketo/js/stateCountryPlusAustralia.js

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| mktoPreFillFields object| _satellite boolean| __satelliteLoaded string| GoogleAnalyticsObject function| ga object| adobe function| Visitor object| s_c_il number| s_c_in number| timer_e string| _linkedin_data_partner_id object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| $ function| jQuery function| fieldValidate function| getRequiredFieldMessage function| getTelephoneInvalidMessage function| getEmailInvalidMessage function| $jQ object| MktoForms2 function| CheckAll function| UncheckAll function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| MunchkinTracker function| ttd_dom_ready function| TTDUniversalPixelApi object| clearbit object| OneTrustStub function| OptanonWrapper string| epsilonName boolean| enabled number| version object| _6si object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| uetq boolean| __clearbit_tagsjs object| Optanon object| OneTrust function| UET function| UET_init function| UET_push object| ueto_4c3fe4b2c2 object| ga_trackers object| s_i_gigaem.esntls object| clearbitsq object| args string| method function| normalize string| SLScoutObject function| slscout object| __ldm_rgx object| __ldm_uid undefined| __ldm_img function| targetPageParams function| addCaptchaScript object| jQuery112406905284097900226 string| __mktTokVal object| google_tag_manager function| gtag function| onYouTubeIframeAPIReady object| GlobalSnowplowNamespace function| l5plow function| drift undefined| driftt boolean| _storagePopulated function| _typeof object| __core-js_shared__ object| core object| global object| 
System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Snowplow object| n object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id

48 Cookies

Domain/Path Name / Value
.go.gigamon.com/ Name: __cf_bm
Value: tgMCgkH7R6KPe6HuQ_4ikLTeYNnSaWndJCSV5TPIy2o-1668582449-0-AUttn/u888m2t4/btepu/I28nVn8E0lTYvwZZVLoxp9U1StVEfSHqesPHQkpWeKOOmdVJL2PsmVBykddQzMshb8=
.gigamon.com/ Name: at_check
Value: true
.go.gigamon.com/ Name: _ga
Value: GA1.3.1904637925.1668582450
.go.gigamon.com/ Name: _gid
Value: GA1.3.151989960.1668582450
.gigamon.com/ Name: _mkto_trk
Value: id:892-WER-078&token:_mch-gigamon.com-1668582450108-30547
.demdex.net/ Name: demdex
Value: 23510174351166213842878091043376771181
.gigamon.com/ Name: AMCVS_39F6555A58A470C30A495EF7%40AdobeOrg
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQLH_1ECXRluJQAAAYR_Q6Qve-nKC3yaaQt8CGpu1HV1iYHhNXFsXeBsUM51BmK0PashOLn8oUIwLA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLlVjNd7ETQpQAAAYR_Q6QvDy5Yu5ubBzmDnCjgONCVtrfM4A1pl2jVbkeVgZSjYNKzY_xB5xsk64byG4oZzA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b8d411bb-d10d-4397-86c8-24d3c1ebca30"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2908:u=1:x=1:i=1668582450:t=1668668850:v=2:sig=AQFD2G6jredaAVWjQQMvjqr1eAqdO4rd"
.go.gigamon.com/ Name: ln_or
Value: d
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202211160707307bd28705-fb0a-425c-85bb-be92e7237fdeAQGH5QQonCNrEUZkC9-oe-DqYGfekTH6"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg1ODI0NTA7MjswMjEK4RlVZxvxj3cqBAI3okA580qgDOZ7FBWrzbnWuaYuzg==
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3SMMgAAANOIMgNe
.app-abm.marketo.com/ Name: __cf_bm
Value: xuDyOjptt8bL3.6_a3tM2zcq0fMT2qtKryWECxzmJsY-1668582450-0-AdCGm7+1w1VRH1BiYQyoNeSgcBwrWobWgt6uJpnGQaygTk28PgCrZO7LyvfYgTpoi/dA3WAJ4cyrTKoTGb1lWlo=
.bing.com/ Name: MUID
Value: 2C2993F07CAD65233C8B81AE7D01647A
.gigamon.com/ Name: _uetsid
Value: 55f914b0657d11ed8e19bf1df6547437
.gigamon.com/ Name: _uetvid
Value: 55f903c0657d11edb9595369b87da32e
.gigamon.com/ Name: mbox
Value: session#dcf9ece5167b445382d03d5de055ea06#1668584311|PC#dcf9ece5167b445382d03d5de055ea06.37_0#1731827251
.gigamon.com/ Name: _gid
Value: GA1.2.151989960.1668582450
.gigamon.com/ Name: _gat
Value: 1
.gigamon.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Nov+16+2022+07%3A07%3A30+GMT%2B0000+(GMT)&version=6.34.0&isIABGlobal=false&hosts=&consentId=14b35e13-caae-4bdb-a496-2ee5ff1fe463&interactionCount=0&landingPath=https%3A%2F%2Fgo.gigamon.com%2Fpreference-center.html%3Futm_source%3DRansomware%26utm_medium%3Demail%26utm_campaign%3DRansomware4%26utm_content%3DNurture%26utm_term%3DRansomware%26mkt_tok%3DODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0
.gigamon.com/ Name: gpv
Value: no%20page%20name%20found
.gigamon.com/ Name: s_campaign
Value: Ransomware%7Cemail%7CRansomware4%7CNurture%7CRansomware
.gigamon.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 23510174351166213842878091043376771181
.gigamon.com/ Name: cb_user_id
Value: null
.gigamon.com/ Name: cb_group_id
Value: null
.gigamon.com/ Name: cb_anonymous_id
Value: %225057508b-8f0c-4b61-a81a-abd794376fcb%22
.gigamon.com/ Name: AMCV_39F6555A58A470C30A495EF7%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19313%7CMCMID%7C23132438840435754932831425401829973728%7CMCAAMLH-1669187250%7C6%7CMCAAMB-1669187250%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1668589650s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19320%7CvVersion%7C5.4.0
.go.gigamon.com/ Name: _gat_35b96cb80b3e89e85eb544aa4736c289
Value: 1
go.gigamon.com/ Name: BIGipServerabmweb-nginx-app_https
Value: !OA2KOKSGSnZ2P/jn/+ZT2Dlakae2C6GFViiGISVRHL+3k70uE5hq960urni0UBxNBCzcuxlzWPnIfQ==
go.gigamon.com/ Name: slireg
Value: https://scout.us2.salesloft.com
go.gigamon.com/ Name: sliguid
Value: ed748537-3d63-471d-be88-fc9265747c33
go.gigamon.com/ Name: slirequested
Value: true
go.gigamon.com/ Name: _gd_visitor
Value: 880387f9-f05d-40bf-813a-873f6e3df620
go.gigamon.com/ Name: _gd_session
Value: 5aade652-351f-45c7-81d7-3e17f39b1e36
go.gigamon.com/ Name: _an_uid
Value: 0
.gigamon.com/ Name: _ga_8TBBTSEV1P
Value: GS1.1.1668582451.1.0.1668582451.0.0.0
.gigamon.com/ Name: _ga
Value: GA1.1.1904637925.1668582450
.gigamon.com/ Name: _sp_ses.4bc7
Value: *
.gigamon.com/ Name: _sp_id.4bc7
Value: ec6c2b8c-c5c5-4ee5-8500-60f180b9afa0.1668582452.1.1668582452.1668582452.cc00da9f-e63c-4fe5-b84d-0726d1cf85f9
.6sc.co/ Name: 6suuid
Value: cfd5ce1720420000338c74631a030000f9b93900
go.gigamon.com/ Name: drift_campaign_refresh
Value: d87bee97-8439-401c-baed-0e0e8e3dbc31
.layerfive.com/ Name: l5_sp
Value: 9bbd2f6c-4e6e-4d2a-bf88-1b6327ae08ca

3 Console Messages

Source Level URL
Text
security error URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: http://mkto-m0027.com/ODkyLVdFUi0wNzgAAAGIG3DwryQ7HcM6HMGsJ7lgAsKCMvL9GWGqCq-dRBdbI2ZM5VDIcnQTCshMsF8Pe6V9Es2MPF8=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e
Message:
Mixed Content: The page at 'https://go.gigamon.com/preference-center.html?utm_source=Ransomware&utm_medium=email&utm_campaign=Ransomware4&utm_content=Nurture&utm_term=Ransomware&mkt_tok=ODkyLVdFUi0wNzgAAAGIG3Dwr4Xpd6YMn33E8oki5sw76S9ZRPYAFF3Dz7trrmYMXiiaJ0x77D5XBnKuAKGxXXnqPDm5O6wFEQS9ofsFyuv_k2ypwrnEc_V7s6Fs0HOWRD0e' was loaded over HTTPS, but requested an insecure script 'http://www.gigamon.com/marketo/js/stateCountryPlusAustralia.js'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-6ODXKNV3uUw9UCKTIY1XAe0MtEu3jxmjtCJ+/F1QabU=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
